post.bemcon.co.uk/index.php/mailster/3718/138a7c90e873f6905becd7f30d36cebe/aHR0cHM6Ly9wb3N0LmJlbWNvbi5jby51ay9tYWlsc3Rlci91bnN1YnNjcmliZS8xMzhhN2M5MGU4NzNmNjkwNWJlY2Q3ZjMwZDM2Y2ViZS8zNzE4Lw/1
104.21.84.248301 Moved Permanently 0 B URL HTTP/1.1 post.bemcon.co.uk/index.php/mailster/3718/138a7c90e873f6905becd7f30d36cebe/aHR0cHM6Ly9wb3N0LmJlbWNvbi5jby51ay9tYWlsc3Rlci91bnN1YnNjcmliZS8xMzhhN2M5MGU4NzNmNjkwNWJlY2Q3ZjMwZDM2Y2ViZS8zNzE4Lw/1
IP 104.21.84.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /index.php/mailster/3718/138a7c90e873f6905becd7f30d36cebe/aHR0cHM6Ly9wb3N0LmJlbWNvbi5jby51ay9tYWlsc3Rlci91bnN1YnNjcmliZS8xMzhhN2M5MGU4NzNmNjkwNWJlY2Q3ZjMwZDM2Y2ViZS8zNzE4Lw/1 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 27 Dec 2022 08:36:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 27 Dec 2022 09:36:42 GMT
Location: https://post.bemcon.co.uk/index.php/mailster/3718/138a7c90e873f6905becd7f30d36cebe/aHR0cHM6Ly9wb3N0LmJlbWNvbi5jby51ay9tYWlsc3Rlci91bnN1YnNjcmliZS8xMzhhN2M5MGU4NzNmNjkwNWJlY2Q3ZjMwZDM2Y2ViZS8zNzE4Lw/1
Server-Timing: cf-q-config;dur=6.0000020312145e-06
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgAs2%2FjGQ5p6%2BwNt0hBBvuXtpmpPuJGI4fiZPcD0H4RkhmbchXoiH1hvzfrA0IbCxIn%2F79vGiO947uHPWIgasfBHz0kbMy1ya1gnuYxow%2Fdykz61CgamygqL%2B6SE9M3mSPp9jA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7800bae36c150b61-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 96defe1601ba891731eee83f0830649d
ba500679fd337488c3f60543561740ff0dfc1898
d2a320a9feb1a874af3da921db2a8619513968724ef8eb0715c010291c4cf8d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2A320A9FEB1A874AF3DA921DB2A8619513968724EF8EB0715C010291C4CF8D9"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7999
Expires: Tue, 27 Dec 2022 10:50:01 GMT
Date: Tue, 27 Dec 2022 08:36:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9cce060ddc316540d079e6816a1e7412
709a74969d1996d2b35ef0f7f34ae18455169f1e
6d58b895476c9ab451d8fc51df98809adca445bc6e9d720430e80a0c85242879
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D58B895476C9AB451D8FC51DF98809ADCA445BC6E9D720430E80A0C85242879"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5052
Expires: Tue, 27 Dec 2022 10:00:54 GMT
Date: Tue, 27 Dec 2022 08:36:42 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 27 Dec 2022 07:46:38 GMT
content-type: application/json
age: 3004
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b2d59bdbb1ca6324590988ec031cf1fc
bfd4e25af37dcde4bac38d9b178c5ac8e50f8834
cef2180120ef42ff09d54577229c058d41d2c569d485f5a6dcfadc74bf8aa647
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEF2180120EF42FF09D54577229C058D41D2C569D485F5A6DCFADC74BF8AA647"
Last-Modified: Mon, 26 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9501
Expires: Tue, 27 Dec 2022 11:15:03 GMT
Date: Tue, 27 Dec 2022 08:36:42 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: FP2XKwmBKmNPnkmpNjQvhTk5z0PuJbqpL9rUvaFPjgKp3jrImMZR9kyM8fvCKGjExWQvsq+UUMf1v+P8Kg95VQ==
x-amz-request-id: XJXJME102WBC6TBR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 27 Dec 2022 07:57:46 GMT
age: 2336
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Dec 2022 08:36:42 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Pragma, Last-Modified, Expires, Alert, Content-Type, Retry-After, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 27 Dec 2022 08:08:07 GMT
age: 1715
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
172.67.199.110200 OK 29 kB URL HTTP/2 post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
IP 172.67.199.110:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (41800)
Hash 5b6729ccb5f1375604cfd454a4b5a1f8
fa295b7a2f7350e8065be474658357da410e303e
b8c085482e22b7cd3555ca9ad6092fb4afec0eceb805187a4c87afd96a18e11d
Analyzer Verdict Alert fortinet Phishing
GET /newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/ HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:43 GMT
content-type: text/html; charset=UTF-8
x-dns-prefetch-control: on
link: <https://post.bemcon.co.uk/wp-json/>; rel="https://api.w.org/", <https://post.bemcon.co.uk/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json", <https://post.bemcon.co.uk/?p=6>; rel=shortlink
x-litespeed-cache: hit
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mIsnq71Lm5WpmiigRtW6boOGgs2tKDEFUR5NjdrktYUyHrR8yQblxGI8kPgZTYp9pcK4HBFE9ik9YuP7tuNuo5jWIs6Kl2F2y1t3VyeYWrNEzlb9OO0BG7CIqrDB5a2SG9u%2BLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae6a9e1b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 68ee4e2891b5a52719997e4ef8cb7aab
ae2e49eff010551d7f3dcf005a51530ee2910480
2bae50a834a34f248f6a79cf6f191dcf709c24b884f2d3da7fa43985c6b2d48b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4998
Cache-Control: max-age=93203
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 08:36:43 GMT
Etag: "63a96428-1d7"
Expires: Wed, 28 Dec 2022 10:30:06 GMT
Last-Modified: Mon, 26 Dec 2022 09:06:48 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.148.190.4101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.190.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7qONIzjAdz+t2RqpP7nsWg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: EKA7c1Qk5Cx+Gtmlj4y8kj4SB18=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5d3978967108a479b633f820f75e3371
e8dba45f8d70fac26a8d3f4c05afce32231ca23d
29c90351aec95c22fbddc08ce6a1b8223186fc4215e2d522238bf4bff36f2d8a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 08:36:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-117111585-4
142.250.74.168200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-117111585-4
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 4ddaecb464da3dfbd3eb50b28ced437d
059ad6b4ab0ad30e348202ad1013b83fd6ca490b
c183e36b73fd663fb90a73de24a3d7ecf653e95948ddd820914eab253fbb0a4b
GET /gtag/js?id=UA-117111585-4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Dec 2022 08:36:44 GMT
expires: Tue, 27 Dec 2022 08:36:44 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44636
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5d3978967108a479b633f820f75e3371
e8dba45f8d70fac26a8d3f4c05afce32231ca23d
29c90351aec95c22fbddc08ce6a1b8223186fc4215e2d522238bf4bff36f2d8a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 08:36:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 27 Dec 2022 06:41:11 GMT
expires: Tue, 27 Dec 2022 08:41:11 GMT
cache-control: public, max-age=7200
age: 6933
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ae893eec23998fe856d6ee3df2163a80
d98cb1a1c82c429c2f6fdbbfb7461713c790da7a
24167e8036371493799d6fe42f5e00a0ea2e4a5b7eb70636a269a9aa78d1f712
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 08:36:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js?ver=1.2.54.0
142.250.74.42200 OK 5.4 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js?ver=1.2.54.0
IP 142.250.74.42:0
File type ASCII text, with very long lines (2134)
Hash 30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
GET /ajax/libs/webfont/1.6.26/webfont.js?ver=1.2.54.0 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Dec 2022 12:32:23 GMT
expires: Mon, 25 Dec 2023 12:32:23 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 158661
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ae893eec23998fe856d6ee3df2163a80
d98cb1a1c82c429c2f6fdbbfb7461713c790da7a
24167e8036371493799d6fe42f5e00a0ea2e4a5b7eb70636a269a9aa78d1f712
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 08:36:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5b2790419bb1f19fd29300d548278b98
64671f1c88a1271e9bcda28ac13a01e330a2a07e
1ce1ca2a9d6783fa668b57c8764e8c3a17fde26812161af8ce8096b3691b9279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CE1CA2A9D6783FA668B57C8764E8C3A17FDE26812161AF8CE8096B3691B9279"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11344
Expires: Tue, 27 Dec 2022 11:45:48 GMT
Date: Tue, 27 Dec 2022 08:36:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5b2790419bb1f19fd29300d548278b98
64671f1c88a1271e9bcda28ac13a01e330a2a07e
1ce1ca2a9d6783fa668b57c8764e8c3a17fde26812161af8ce8096b3691b9279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CE1CA2A9D6783FA668B57C8764E8C3A17FDE26812161AF8CE8096B3691B9279"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11344
Expires: Tue, 27 Dec 2022 11:45:48 GMT
Date: Tue, 27 Dec 2022 08:36:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5b2790419bb1f19fd29300d548278b98
64671f1c88a1271e9bcda28ac13a01e330a2a07e
1ce1ca2a9d6783fa668b57c8764e8c3a17fde26812161af8ce8096b3691b9279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CE1CA2A9D6783FA668B57C8764E8C3A17FDE26812161AF8CE8096B3691B9279"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11344
Expires: Tue, 27 Dec 2022 11:45:48 GMT
Date: Tue, 27 Dec 2022 08:36:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5b2790419bb1f19fd29300d548278b98
64671f1c88a1271e9bcda28ac13a01e330a2a07e
1ce1ca2a9d6783fa668b57c8764e8c3a17fde26812161af8ce8096b3691b9279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CE1CA2A9D6783FA668B57C8764E8C3A17FDE26812161AF8CE8096B3691B9279"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11344
Expires: Tue, 27 Dec 2022 11:45:48 GMT
Date: Tue, 27 Dec 2022 08:36:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5b2790419bb1f19fd29300d548278b98
64671f1c88a1271e9bcda28ac13a01e330a2a07e
1ce1ca2a9d6783fa668b57c8764e8c3a17fde26812161af8ce8096b3691b9279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CE1CA2A9D6783FA668B57C8764E8C3A17FDE26812161AF8CE8096B3691B9279"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11344
Expires: Tue, 27 Dec 2022 11:45:48 GMT
Date: Tue, 27 Dec 2022 08:36:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F305f952f-68d1-4090-b1d7-04817f0a2ab7.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F305f952f-68d1-4090-b1d7-04817f0a2ab7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash be693dc109dd4beeee6f7f3ae2061dae
349168c24483cf12e3c10e176643b5f02316cbf4
2e4cf6b6d7f4e75d4dfd631a76a921734f3824563f039a6da20826d0bb3afc0d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F305f952f-68d1-4090-b1d7-04817f0a2ab7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10281
x-amzn-requestid: 6f952ba1-d992-4521-83f7-ce18a4b75798
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dxfYMFdtIAMFwyA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa129a-5b1ad9041a52fc8f049d37eb;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 21:31:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H3u62So8Z-Pe1gQiIpOjTUEvozSDuV3d2wZMKlZMDioFrtIwYjrV5Q==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 21:44:56 GMT
age: 39108
etag: "349168c24483cf12e3c10e176643b5f02316cbf4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa82486e0-c76d-434a-8a96-425b9a1a59ba.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa82486e0-c76d-434a-8a96-425b9a1a59ba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea5eddeb14380ea8cac42aa38148db64
7c114dabd868011f04129602f8b1453cdf319afc
de8361a33abff7d78e8c87eb563f66f0aff9b23069b3136cfb132a5b9a17f377
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa82486e0-c76d-434a-8a96-425b9a1a59ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9262
x-amzn-requestid: 35b8f5ad-65a3-42c8-92b9-b5fdf1b54163
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: diVs6HH1oAMFRhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4031f-0588e63179f4cb152d048f03;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 07:11:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eb-FvrQ0mNDlvCFDWNUWeK_g0i3k62Jtoh0I5nnLysyI27dmB2OqrA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 11:43:33 GMT
age: 75191
etag: "7c114dabd868011f04129602f8b1453cdf319afc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5a31e2c-cb31-40bd-b9b8-cb71f5df8e78.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5a31e2c-cb31-40bd-b9b8-cb71f5df8e78.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e5739dd2efa4395ff34d0f583eb9b63
3cd47e707d1fdf0e4c7a9d2a1fde0863f8c22563
d65a006dd8dac4ca209162fe70985aaad49435d2e74047c3b3c73053d7e1f5a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5a31e2c-cb31-40bd-b9b8-cb71f5df8e78.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11470
x-amzn-requestid: 2fa32c30-fdea-409d-aafa-dda3daeff901
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dx7BmH2jIAMFwvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa3ed6-1c4909815b6c35250e610aa3;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 00:39:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 49sf3ie2M7_VkzVvH82UoiQL0rhmapqtkSUgfq_Q1QRIGgdpUEnQbQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 01:08:30 GMT
etag: "3cd47e707d1fdf0e4c7a9d2a1fde0863f8c22563"
content-type: image/jpeg
age: 26894
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b739b75-a9c5-402c-b5f2-61cb416f4622.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b739b75-a9c5-402c-b5f2-61cb416f4622.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bf353b055c5b241dc127a5f348288bd7
967babae78ca060a48978d1a29a20b459fa89aa2
4def932d04f53426b80ac7f3f366e1e8af0c76670f94c9ebd613309e2982d433
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b739b75-a9c5-402c-b5f2-61cb416f4622.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 46bf3684-b3d9-4948-ab4b-09477cf5af0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dxg-TEd2IAMF9jA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa1528-4eebb1950a70fb2d3a718426;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 21:42:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t-fFjRek8hGyiY7C49TCIXNHjWLSjsyOh8duU4ZHsrRIhqNSwptK9g==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 21:44:56 GMT
age: 39108
etag: "967babae78ca060a48978d1a29a20b459fa89aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd11b2a1-5fcd-4814-ab49-29cd5bc6d436.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd11b2a1-5fcd-4814-ab49-29cd5bc6d436.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8dfaac9e14198dfaa9db2d01c9ef304e
2f6bbbabb48431a27150219ef872d1ca10c73399
2c4fad9cc8a8c0ee6f54cc4eeb905eee1d8f028a528e3c8deb01f2c0cef250cd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd11b2a1-5fcd-4814-ab49-29cd5bc6d436.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12451
x-amzn-requestid: 1fd618ca-f052-4a46-9b71-04a5df1f858c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dxfYVFHqIAMFWPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa129b-658fe5884efdcebb567d3747;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 21:31:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rP7UvSlN0uYvoMo5af_T1_A-41sONiTOxS7noQ7RMo9atlXmwPdhAQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 21:44:56 GMT
age: 39108
etag: "2f6bbbabb48431a27150219ef872d1ca10c73399"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef44ad19-0b5d-4bb2-a2c9-a499aca4825c.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef44ad19-0b5d-4bb2-a2c9-a499aca4825c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ab2cf11fcbaeef5a5d38966128a5cae
e50dabaf242a56c09ae12d9f38c6fc25c6f4ab44
3612699b16f9df6fae82ae04ad5729d3d67e029ca51875c3a8674d7654ca89a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef44ad19-0b5d-4bb2-a2c9-a499aca4825c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11315
x-amzn-requestid: 3f56eb54-8bee-44b3-8e60-4699e8f67eca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dxfXYEJcoAMFXdw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa1295-2d1bd54e458370ac4216c07a;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VuxwGgd3RaM3CHAEeJEHHPeL9NhStc5ioUDzX5gz4VHa69an9AIOzQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 21:44:56 GMT
age: 39108
etag: "e50dabaf242a56c09ae12d9f38c6fc25c6f4ab44"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c369fc9c5758cbb293cdc023c7468824
064daa6d61388909a901160cdd648c9efbe6a8cd
f870eceff6ac7f9816fa4d8789f35ef91a00e55e40c8d6b48a397512c3a6de9d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 08:36:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c77f7447ba7820276d1ac891e88fee86
fd8aaa5cea881578d44ea5dd7a203c1d81ca1908
06655edfa86ea943cc8e188d953b4dc230b18a98c7268177edb9c728ceeacb33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 08:36:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-94998W1T93>m=2oebu0&_p=497620748&cid=1639112298.1672130201&ul=en-us&sr=1280x1024&_s=1&sid=1672130200&sct=1&seg=0&dl=https%3A%2F%2Fpost.bemcon.co.uk%2Fnewsletter-signup%2Funsubscribe%2F138a7c90e873f6905becd7f30d36cebe%2F3718%2F&dt=Newsletter%20-%20BEMCON&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 66 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-94998W1T93>m=2oebu0&_p=497620748&cid=1639112298.1672130201&ul=en-us&sr=1280x1024&_s=1&sid=1672130200&sct=1&seg=0&dl=https%3A%2F%2Fpost.bemcon.co.uk%2Fnewsletter-signup%2Funsubscribe%2F138a7c90e873f6905becd7f30d36cebe%2F3718%2F&dt=Newsletter%20-%20BEMCON&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
File type gzip compressed data, max compression\012- data
Hash 8b2e7d5df3a308b1234bc1fe4f9ac9a4
6832f507959039ea2df52407ff581876f6affb6d
e60a4f9e43b01e4fd4729b53d3c1a7060fba958cc98db13bd695d57623c27848
POST /g/collect?v=2&tid=G-94998W1T93>m=2oebu0&_p=497620748&cid=1639112298.1672130201&ul=en-us&sr=1280x1024&_s=1&sid=1672130200&sct=1&seg=0&dl=https%3A%2F%2Fpost.bemcon.co.uk%2Fnewsletter-signup%2Funsubscribe%2F138a7c90e873f6905becd7f30d36cebe%2F3718%2F&dt=Newsletter%20-%20BEMCON&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://post.bemcon.co.uk
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://post.bemcon.co.uk
date: Tue, 27 Dec 2022 08:36:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/64466d3cbbf967c1553e29b161b3fcfb.js?ver=3fcfb
172.67.199.110200 OK 51 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/64466d3cbbf967c1553e29b161b3fcfb.js?ver=3fcfb
IP 172.67.199.110:0
File type ASCII text, with very long lines (60586)
Hash 1875b02a275a168b8a27107727916234
a24e46fe1b9edd010d3008cb111e7b91fcc98491
b1464715dd77e595fb5d1c52fe0df0a1679998341a396f0059e236957301d572
GET /wp-content/litespeed/js/64466d3cbbf967c1553e29b161b3fcfb.js?ver=3fcfb HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=136350
expires: Thu, 21 Dec 2023 14:38:23 GMT
last-modified: Wed, 21 Dec 2022 08:38:20 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFioZQ%2FOCEYWP6gtpBqOJdpJS0fxTcvSgA2U8iUklgVfu0poiX1pHStyH81M%2BC%2FNtNN9ANQkYhh5oBm%2FJG0weBpI7eu8UP2YdcZRzGwsWHrLfRdXKEvSPDAm7UKtzAqEdc%2BiNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf7cc5c0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/155b56c34a921efc4bebe4b86eac66b9.css?ver=c66b9
172.67.199.110200 OK 84 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/155b56c34a921efc4bebe4b86eac66b9.css?ver=c66b9
IP 172.67.199.110:0
File type ASCII text, with very long lines (8542), with no line terminators
Hash 81e3203322cece73e467f95921415a08
11e752477b5bf00a6609c7bf6ebfceb3860baeb7
60a4c81d6309497e487ff7022375ee01d65e369a21fd1c34f66333192f4f344a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/155b56c34a921efc4bebe4b86eac66b9.css?ver=c66b9 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=8555
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 21 Dec 2023 07:11:04 GMT
last-modified: Wed, 21 Dec 2022 01:11:04 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxzU62Lzapn%2BsQcTmkZwsuh55RTU%2FPfxLq7lewOX%2FlFxU3wVXWV9vNh52GFrsFYwVPdBrJFWuAHmf8i3ZXfEoa47Z6bIdkHVF0g1UBgi75yqRY7eYq3XFOTpbM2aE2locycR5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf7ac3c0b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/e2999b3269638a45d24acc1603aebd72.js?ver=ebd72
172.67.199.110200 OK 19 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/e2999b3269638a45d24acc1603aebd72.js?ver=ebd72
IP 172.67.199.110:0
File type ASCII text, with very long lines (4955), with no line terminators
Hash d7f3c1bf4668099fafd4215255b18626
e643904912ae9ac83d2e724ea6dc6b4df459699f
517e91940dd39a0d00a2c884b348b127fd7efb03460da4a43b1d4544f5600a7f
GET /wp-content/litespeed/js/e2999b3269638a45d24acc1603aebd72.js?ver=ebd72 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=4959
expires: Thu, 21 Dec 2023 07:11:06 GMT
last-modified: Wed, 21 Dec 2022 01:11:04 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmwB2dXYqRC%2FAI1%2FDb6gw%2FmOS%2FygvX24szd1SUA5SJIrTk6YFiVfipDNcNQm5FQRz%2FsziFKDVxOUhtVaaXGApeDvz21fFCQ2VKbEAN2CpnDrZkMjZeWDqOb6LArQTxFe5xdVkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf7cc5d0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/7c297c371aeae8d7c1276dc60e4d3fbc.js?ver=d3fbc
172.67.199.110200 OK 89 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/7c297c371aeae8d7c1276dc60e4d3fbc.js?ver=d3fbc
IP 172.67.199.110:0
File type Unicode text, UTF-8 text, with very long lines (31519), with no line terminators
Hash 4f30a41c94d0d967b1eee9163a88203d
c019662e34030173a68d78aeed4d58a392297bf6
6448463dd25e2e00e572dcc17f9339ee176ece557f4ca97b4f61afb028ce9574
GET /wp-content/litespeed/js/7c297c371aeae8d7c1276dc60e4d3fbc.js?ver=d3fbc HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=31524
expires: Fri, 22 Dec 2023 13:55:28 GMT
last-modified: Thu, 22 Dec 2022 07:55:27 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjKCNW5lGoOeakwWBQqFkuYTnGzI7Q6pIFpP0eOjNIYEDf6dYAmZkuWbfNv48AonOzhxhc4eGm6acVBT7HuqbiJit4KTiffE7wc3ihfxbMUxf8d1XlF7XLpIZGlX59KI3VTYIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf7cc5e0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/52189adb7969e29c9e8d07516d37ec71.js?ver=7ec71
172.67.199.110200 OK 1.6 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/52189adb7969e29c9e8d07516d37ec71.js?ver=7ec71
IP 172.67.199.110:0
File type ASCII text, with very long lines (2621), with no line terminators
Hash 7e470ea7feccfcc919c0d41bb9aa22fd
34a40a34d17e21c381cf3750250d5719e2f6f7f7
ce8277a0d917f2e2b9399aed69b3a7b613fb7c00b20af9ca6d4587e9f6f04bb5
GET /wp-content/litespeed/js/52189adb7969e29c9e8d07516d37ec71.js?ver=7ec71 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=2622
expires: Thu, 21 Dec 2023 14:38:23 GMT
last-modified: Wed, 21 Dec 2022 08:38:20 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IHRkrI4CZQ%2F66bX%2FMnriPwtS6cvLQWOt2%2B1BLcrYP3bU08w2nQ2AdCSJ%2BkYk5y8nb9vhLtpqnjeL7GyjKHC7fX4uvl%2BgHprgn5Hc0PaRyiyj%2BfftUAMM5lRjFfdS%2Ffg%2Fqq3IHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf7cc630b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7f2ed0d8a18af500682ec994cd3a5e15
48032c29ccc60c09f0c003042d059e83ea493ecb
8c49d81420b293298bd75222f60fbc608c322b36944963d93b6a15b12bcb0e8b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 08:36:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7f2ed0d8a18af500682ec994cd3a5e15
48032c29ccc60c09f0c003042d059e83ea493ecb
8c49d81420b293298bd75222f60fbc608c322b36944963d93b6a15b12bcb0e8b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 08:36:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
post.bemcon.co.uk/wp-content/litespeed/css/3a3078582f0bb387c4481a1fbcdd088e.css?ver=d088e
172.67.199.110200 OK 8.2 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/3a3078582f0bb387c4481a1fbcdd088e.css?ver=d088e
IP 172.67.199.110:0
File type ASCII text, with very long lines (43661), with no line terminators
Hash d15f02fefdaa9e8d356592c051c225d7
f66894fa66d292b50a3282be02b9d9257103e4a3
01ecd6797f059c91d86ed55d3ddbcbbe5dd0df36e9bef6407dcbe46ef08e2478
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/3a3078582f0bb387c4481a1fbcdd088e.css?ver=d088e HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=43830
expires: Wed, 27 Dec 2023 11:54:44 GMT
last-modified: Tue, 27 Dec 2022 02:19:04 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0uJQifMeM%2F4ZXgY9ZY7sF3cRLYwjU%2BnVcLCv06klq9z5L%2BVMlcdRMW%2BUPEEFNCMyuoVsnxrsGIIeMZ8%2BNgKdnSxeFkkwaY9nadZ8F0mzLQWT9UWGmXi3duGNsmhLg9jfvgsjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf77c150b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/8fc53b56672390b70951c0eb8244ed80.css?ver=4ed80
172.67.199.110200 OK 40 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/8fc53b56672390b70951c0eb8244ed80.css?ver=4ed80
IP 172.67.199.110:0
File type ASCII text, with very long lines (18456), with no line terminators
Hash 2233019693a7ec95f828e86300c20b20
06b99c64bc88449fc6269350cca7f414a15a61f0
e8df2746b4f0129c99d57f6c5e2a8fe12724b9c749aad6cb3fa09fb9bb8b5d42
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/8fc53b56672390b70951c0eb8244ed80.css?ver=4ed80 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=18468
expires: Thu, 21 Dec 2023 14:38:21 GMT
last-modified: Wed, 21 Dec 2022 08:38:20 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tC%2Fl8CqGqiXhWysmCU3OIgO2wzBj%2B4rcOZ9gktgu32zd2n8%2FEKJ7I7BVWrObs1xVfeOqm1f5fKgUXq7Pwed0Xm%2FbMQySMn%2B2cZ9kAsTBtbfiZq5QojDqZ3JBKvaOJd4TWL%2BiTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf7ac470b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/48dacf856126aebc7aa3c111b6fc993f.js?ver=c993f
172.67.199.110200 OK 47 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/48dacf856126aebc7aa3c111b6fc993f.js?ver=c993f
IP 172.67.199.110:0
File type Unicode text, UTF-8 text, with very long lines (46785), with no line terminators
Hash 1796f7e33e9a3349a1f93756aec7107d
28ea4f1e4fb1195813c1128749c00ddca02798c8
52e609d3a46a82c365c1c40b8bf54e2264278d9e4be10f06a6d4f5c619cf0b71
GET /wp-content/litespeed/js/48dacf856126aebc7aa3c111b6fc993f.js?ver=c993f HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=46788
expires: Fri, 22 Dec 2023 13:55:28 GMT
last-modified: Thu, 22 Dec 2022 07:55:27 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MySGKAsfe%2FzsFN79j91j3y1ivylLX%2FMvyHTuIuJQdupgTlz8aKQ99vo9pyDYx2CmnsyiOv6QxuwRDG1nbmkPWbw2aLlK0ovLBSYTxXYaQA5m6pEo%2FlM7sIZYnhYqbOWV2usfTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf7ac4a0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.35200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://post.bemcon.co.uk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 07:08:09 GMT
expires: Sat, 23 Dec 2023 07:08:09 GMT
cache-control: public, max-age=31536000
age: 350916
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
142.250.74.35200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://post.bemcon.co.uk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Dec 2022 21:08:54 GMT
expires: Tue, 26 Dec 2023 21:08:54 GMT
cache-control: public, max-age=31536000
age: 41271
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/0e24547e87fbc223fc3b100e6be9af12.js?ver=9af12
172.67.199.110200 OK 46 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/0e24547e87fbc223fc3b100e6be9af12.js?ver=9af12
IP 172.67.199.110:0
File type Unicode text, UTF-8 text, with very long lines (8192)
Hash 49f1762e9b344e9a2a750f2eccf337d3
0ea0e1147ca65dad4624669f1da7ac712c094f27
c9cf6916ee7307cb16ff58cf6b5cfac066cc6590fb4785f52b84381f92860c56
GET /wp-content/litespeed/js/0e24547e87fbc223fc3b100e6be9af12.js?ver=9af12 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=21442
expires: Thu, 21 Dec 2023 07:11:06 GMT
last-modified: Wed, 21 Dec 2022 01:11:04 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HXnXXeExClbJY%2F8zq9u8nFub5OamTbxOQU1ZLmO9F9USGmNGw9nFNCbsW8OWXMNBld6UoFmSxKlPIUydqZC49ICzfgIS5YjGqcx7qYlhCxZSjBFI7POJzpjiLdWVfvjDqIsEHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf7cc600b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7f2ed0d8a18af500682ec994cd3a5e15
48032c29ccc60c09f0c003042d059e83ea493ecb
8c49d81420b293298bd75222f60fbc608c322b36944963d93b6a15b12bcb0e8b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 08:36:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
post.bemcon.co.uk/wp-content/uploads/2022/12/Project-Management-Professional-Header-300x300.jpg.webp
172.67.199.110200 OK 20 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2022/12/Project-Management-Professional-Header-300x300.jpg.webp
IP 172.67.199.110:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a1f569aaeaffca22ff42fa6d38d4f4c1
71008a6904c9e5a7244855117dd603ea2ef080f9
6535ab28c4e668de8fcd05c1ebf872867350eb03b6f11910df7c996681573d9a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/12/Project-Management-Professional-Header-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130201.0.0.0; _ga=GA1.1.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: image/webp
content-length: 19606
cache-control: public, max-age=31557600
expires: Wed, 27 Dec 2023 11:59:53 GMT
last-modified: Tue, 27 Dec 2022 05:53:47 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 3
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evJ%2BtE78ktXjKOoCuA3XsZOigF8OTu08CzmKHCv9HqQB4wTPHVpk1QPwMKux2fGfjZZ%2B5423621RVZt4sKxZ6NJhFPLW2xk41Kcz8bCFw7n03A3OKHKWzQhMkaZKoKxmXKDrGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bafa5e100b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/47d0396436e2cc0fa3f60d0198175d82.js?ver=75d82
172.67.199.110200 OK 40 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/47d0396436e2cc0fa3f60d0198175d82.js?ver=75d82
IP 172.67.199.110:0
File type ASCII text, with very long lines (40694), with no line terminators
Hash 7f8a0e3f5918752d5c1a711cee06c078
1615177f8c15d4dbf1ec47f71a76c41eab94ad57
4daf827e317fab1d605d28dfb43d0f576dba50edc7fe4a8c94a9db95ade22f88
GET /wp-content/litespeed/js/47d0396436e2cc0fa3f60d0198175d82.js?ver=75d82 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=40698
expires: Fri, 08 Dec 2023 13:11:54 GMT
last-modified: Thu, 08 Dec 2022 07:11:46 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JkOULjIZIi8lSaruCT9hFGithJtGsEfgnjm23eLOwljNstzu%2FcRhlhYKMLIiBZuxDIr0OQsW3p%2B3Uc6pjgH22Y6iTDQ7oVhUhaek%2BZEZ2ANvLmw6rGuTUJ5i9Zb3A3YcZWbbUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf7dc670b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/78cafe03c4240fb94d45f5cfa70a6530.css?ver=a6530
172.67.199.110200 OK 85 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/78cafe03c4240fb94d45f5cfa70a6530.css?ver=a6530
IP 172.67.199.110:0
Hash d570511a4016c6dd2ff0f35f7dc263d2
224ae184480e2db8fed359f02e63fd81f967fea9
3a50dc63ee3c3474bf7e8493f2be5679dec0336187be446a5a5816429c0db15e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/78cafe03c4240fb94d45f5cfa70a6530.css?ver=a6530 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=999
expires: Thu, 21 Dec 2023 07:11:04 GMT
last-modified: Wed, 21 Dec 2022 01:11:04 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2B%2B0%2FOWrkUWscLxpBU3G336mw8xneeJUOgtUXJs44PnW%2FU0SIqpGigaDdsPXXl8YJVjslo06MWEqYbnm5IC6O0AdT34SSIA2H%2FMutYdXAYHk%2FXp2qAqp5dUch168DSlRN7tT4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf78c2f0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/8df24cefe66ccc25c0fceb0fbb1371d9.js?ver=371d9
172.67.199.110200 OK 25 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/8df24cefe66ccc25c0fceb0fbb1371d9.js?ver=371d9
IP 172.67.199.110:0
File type ASCII text, with very long lines (12199), with no line terminators
Hash 1d7ce631520f7f00cf9b36935cec2568
726a636e6e15a84adbb668b248625aecd2b49012
bf3e9567243494b110f34d6121ce171079dada96c4b77eb9eaad2ab7c14f92ba
GET /wp-content/litespeed/js/8df24cefe66ccc25c0fceb0fbb1371d9.js?ver=371d9 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=12200
expires: Wed, 27 Dec 2023 11:54:45 GMT
last-modified: Tue, 27 Dec 2022 02:19:04 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJ%2BSYFmyj1EfC4fuARjGbHE2vKDm%2Bzg1ckoLlEvddxMwIfNP88xsD2LTPaoUa%2Ff8KFU2qlG4RTYNMLoF%2FWmR1GBBqsJFIMDG01imVVmDHWMrVFL86tPqm88Kwkxpbl9wBuwrjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf7cc5f0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2018/03/Round-Logo.jpg
172.67.199.110200 OK 29 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2018/03/Round-Logo.jpg
IP 172.67.199.110:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x300, components 3\012- data
Hash 51b871744e1dbcd7d87ba34473dd8dd9
ac74c6847b26e0f5e9d380da1d125839f1b3527d
b3aaaf33574f33993d8415b5630530c79f311f491908b9550a383421f8fd40f9
GET /wp-content/uploads/2018/03/Round-Logo.jpg HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130201.0.0.0; _ga=GA1.1.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: image/jpeg
content-length: 29108
cache-control: public, max-age=31557600
expires: Sat, 23 Dec 2023 00:24:37 GMT
last-modified: Mon, 28 Nov 2022 21:48:02 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5524
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N8OhTk2LU6SvGEKGMuYvGbDX4S588GXWyhzLuLWmYqDNuHZCFEKEf6V7TC91PuIV2jLny9YPdUBSCsAJyvP4jrgaZbLFOpXyxlN1F3Rjxzk8EIQF4%2FQuRiswS21hACrifgCmSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bafa8e2b0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2018/03/Round-Logo-150x150.jpg
172.67.199.110200 OK 8.7 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2018/03/Round-Logo-150x150.jpg
IP 172.67.199.110:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash 2c08ba0e05cb35444703f37018a94dec
487bfe824d9ab1efd0697a4bbf4cb84b9d526950
fc078772c54557e510d8d0205a35a63e1b71ed71fa483fb8d198bb4e09622122
GET /wp-content/uploads/2018/03/Round-Logo-150x150.jpg HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130201.0.0.0; _ga=GA1.1.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: image/jpeg
content-length: 8724
cache-control: public, max-age=31557600
expires: Sun, 24 Dec 2023 04:46:58 GMT
last-modified: Mon, 28 Nov 2022 21:48:04 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5524
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wz5EROFaOpR5Y4sjGi6Qw1kLq5rjAaStxgvjWrUTE65snFnlfDDJ%2Be0s5NATN5zEeqbXphZY5Se0Fp23Xu2inb4Ro%2F2dy%2BM4bABDcYdJcKEMxIZ%2FzaAC85d8YeeUTYqGbkjiRg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bafa9e2c0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/cdn-cgi/rum?
172.67.199.110204 No Content 0 B URL HTTP/2 post.bemcon.co.uk/cdn-cgi/rum?
IP 172.67.199.110:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1231
Origin: https://post.bemcon.co.uk
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130201.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Tue, 27 Dec 2022 08:36:46 GMT
access-control-allow-origin: https://post.bemcon.co.uk
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7800bafbaf030b02-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/First-Aid-Level-3-OCT-2020-300x300.jpg.webp
172.67.199.110200 OK 23 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/First-Aid-Level-3-OCT-2020-300x300.jpg.webp
IP 172.67.199.110:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b96e2e3cd87985b8ad3790f8956abe94
bfcfd491837ff8b9309961f7bdef6f447734efd7
34fc5db04ce0f825e4410bc65c2790fc3315f0dbc3551f9819b4b4e20577a70c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/First-Aid-Level-3-OCT-2020-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130201.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:46 GMT
content-type: image/webp
content-length: 22766
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 07:11:08 GMT
last-modified: Mon, 28 Nov 2022 16:15:22 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 4
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OC182LxSRCF6NTWaODRfLslLZKCgU3bqIuXqhRHeowgF8MCDdht1bse%2F5u8JQZeZXVdwGW5O%2BssGY0QNOmsTQqAnaI3zQcbDpr%2BIuZoiODYDYUimIQm8Yx98%2Bz5YTghbx9TBZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bafc8f900b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/IADT-Level-3-HABC-300x300.jpg.webp
172.67.199.110200 OK 18 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/IADT-Level-3-HABC-300x300.jpg.webp
IP 172.67.199.110:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2ebf8a22fd0796a63794eff51a3a0bf4
7d824f577e275c70dd25f126ebf244071665f097
f3f9fcf05bd56d68b275eba918a2773012f005ca71361036713f63d1fbf91a7c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/IADT-Level-3-HABC-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130201.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:46 GMT
content-type: image/webp
content-length: 18122
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 07:11:08 GMT
last-modified: Mon, 28 Nov 2022 16:12:14 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 4
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLhVEMSMq6kx3%2FgeBjxjfNcm18bW%2BEmdZ%2FbIdDdEh3ioXuoYYzUXdp98rAFOhsepFTQMepkYP5aQpbH9PPZQxDytIwBuJkHQkse30ez7elCL%2B4oUJ%2Btk6jQ6ST51j8QtXs1vng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bafc8f8f0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/6ac4f84452bda369dbb2a21ab0441010.css?ver=41010
172.67.199.110200 OK 40 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/6ac4f84452bda369dbb2a21ab0441010.css?ver=41010
IP 172.67.199.110:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 18d90fafc8f6e62dd8e18cd53527ee7e
e0603051d47e71fc9ea667f8521b7f51a1609d90
02fa9a143cbd04302e30d6d430f3ce22b18f9efcc8de0d820918322786a4b879
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/6ac4f84452bda369dbb2a21ab0441010.css?ver=41010 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=94154
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 21 Dec 2023 07:11:04 GMT
last-modified: Wed, 21 Dec 2022 01:11:03 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmlpOxS0lglwBEUe5vg5YB2qnKHDexv0hkHHUX2YCNEr%2BqW%2BVlkFOBO7LY6FOc2HuNpC6%2BFruDp%2FFIJh6V2l9XXbtPjjp8toNKMW7RpA4cXA6QtQZGnjjhQToBYTI4veC%2BVNQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf76c0d0b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/4909338963a670627dfbca0bfdd7c0ee.css?ver=7c0ee
172.67.199.110200 OK 31 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/4909338963a670627dfbca0bfdd7c0ee.css?ver=7c0ee
IP 172.67.199.110:0
File type ASCII text, with very long lines (9923), with no line terminators
Hash 6f56e4b57035e3c4cd9567a3377e83e8
7333a7b630eaf62f139c7a1fcf49de1f37980c13
b59fe2e3301929148b112c53fbd7b32044b3f0e199f93b595ad453ce665fcb5d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/4909338963a670627dfbca0bfdd7c0ee.css?ver=7c0ee HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=9934
expires: Fri, 22 Dec 2023 13:55:28 GMT
last-modified: Thu, 22 Dec 2022 07:55:27 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1McjxAVQ8OpU3dxSTOv6NzFskbGA7uY%2FZJ5x8RY6IAXF28rOtPKl6ortylW%2BGLRiqacj2WsrPYsbSgCw1%2Fk7F5joNxyAGkI4jzCS5f1jH9egGMhXc%2FIi56Kt9HjRQlZsJFJeg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf77c200b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/e85d957a2d1befcd3bbc2215e1b61407.js?ver=61407
172.67.199.110200 OK 20 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/e85d957a2d1befcd3bbc2215e1b61407.js?ver=61407
IP 172.67.199.110:0
File type ASCII text, with very long lines (8339), with no line terminators
Hash a4e37186c2a5659aa661777031bb4e8d
51b7c4008c76839a0d1bdd66fb6d09467d2d7be2
5cb5bfc897ee24c2ff9d5ee8241b9437ba9e996670b62c7d00d3df46063cdeab
GET /wp-content/litespeed/js/e85d957a2d1befcd3bbc2215e1b61407.js?ver=61407 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=8340
expires: Thu, 21 Dec 2023 07:11:06 GMT
last-modified: Wed, 21 Dec 2022 01:11:04 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 4
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQPQv54bdSAaUUbXlF5PcMhpd%2Bg3S0kccsI3D8YbvPAVmERIaIAyJm6DlMU8gWt3Ct%2FnE6dWFo439HcEMjF3izdk%2ByAA3mBguftmkQQQnnCGTmLWf9GMpH2tT2uYdMkFmY8wPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf79c380b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-17025-2017-Header-300x300.jpg.webp
172.67.199.110200 OK 26 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-17025-2017-Header-300x300.jpg.webp
IP 172.67.199.110:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9411fa4ca3eb8efd69af511686c41a40
73e2deb9b9c3c900de60ce44a57ae671a87cd3b7
305e762714a0a74c1617aacaa46935c5317744eeb17b86ba452d7afe8ed039c9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/ISO-17025-2017-Header-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130201.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:46 GMT
content-type: image/webp
content-length: 26478
cache-control: public, max-age=31557600
expires: Fri, 22 Dec 2023 17:57:00 GMT
last-modified: Mon, 28 Nov 2022 14:03:02 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 4
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pwfCNmfxLuPFHYaoUyq%2BM75LEZZJW9wck7mxDYXuCYYvTPdjsKJGvcjMx46QcaUdrttSd8f9SYavIhqCjyQaOh5PvLj%2FkgOJxNtzGMFlSCC7ondIF73OHcusxb9A9otNAXSvVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bafc9f9b0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2021/11/ISO-17025-2017-Qualification-Prospectus-274x300.jpg.webp
172.67.199.110200 OK 23 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2021/11/ISO-17025-2017-Qualification-Prospectus-274x300.jpg.webp
IP 172.67.199.110:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 274x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 529396572e76c202f885a099af8fc32e
32570592e17acb5a0ab5cb3af006dbebed7ede32
edc7a19901b8a3cc3a795b11b7f65f980ef2011e07b822e50121f2f2abaaa041
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2021/11/ISO-17025-2017-Qualification-Prospectus-274x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130201.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:46 GMT
content-type: image/webp
content-length: 22768
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 07:11:07 GMT
last-modified: Mon, 28 Nov 2022 14:10:56 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 4
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLqPzX44saEPTDdj1m%2F04kfd0cFKXVjJ56u94w%2F4cFwGx99bBGRLR8AsxN4jE4odCnHaSrguL45VYkw4XZWQXduRWxvruAAjYGQOP6N3G9vzGTov5uJwAe1Fp1wKh3r3Tjm8%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bafcafaf0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2022/08/Food-Safety-Level-4-2022-300x294.jpg.webp
172.67.199.110200 OK 28 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2022/08/Food-Safety-Level-4-2022-300x294.jpg.webp
IP 172.67.199.110:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x294, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ec513d3eae17643d1a426b56f197f8cb
b7e2bc93206eb88295bacbe7c4d3f03771b025e0
961a5c30673d04aa6b214f94bf30750e5da808c740cdd98b47d49001446d30a7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/08/Food-Safety-Level-4-2022-300x294.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130201.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:46 GMT
content-type: image/webp
content-length: 27528
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 07:11:07 GMT
last-modified: Mon, 28 Nov 2022 14:03:25 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 4
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2Bm6ScYUcasdL5%2BqQoPpDVOc5yP0gIQ5iX6RMPsUE%2BE%2BpBIwJpJfcKfozrWpAV%2BJbBLgZwJD%2Bt1iGD45kZ7qvDUPZxeELlMRmKU1v1RNxbT993LjqYjtvvznm9HRCCcr%2B2Xsfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bafcafa50b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2021/09/Total-productive-Maintenance-TPM-300x300.jpg.webp
172.67.199.110200 OK 24 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2021/09/Total-productive-Maintenance-TPM-300x300.jpg.webp
IP 172.67.199.110:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 63c333cfe72a7b79b5db43427a86a433
cc79b5b9f344238f464bd5bcc03142fdea6dc3c6
48c52469ff1cfec945142f7a5b97ec247237cd01070977ce94758c15b548af0d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2021/09/Total-productive-Maintenance-TPM-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130201.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:46 GMT
content-type: image/webp
content-length: 24064
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 07:11:07 GMT
last-modified: Mon, 28 Nov 2022 14:11:49 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 4
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=16jxgYGrMfaXyfNWOE1dqNb%2FNRfeqIXBIU%2BLYt9UuUOF9%2BmekA%2FI28rv261ad0rbLMvFl4Y37bXx2tXxOqnmcD9HEa9CAccozFyN5NsnYZuYr3GBofUeB8u4CngRhw300EoCnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bafcbfbe0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2021/09/Truly-Nolen-Food-Safety-L4-2021-300x300.jpg.webp
172.67.199.110200 OK 22 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2021/09/Truly-Nolen-Food-Safety-L4-2021-300x300.jpg.webp
IP 172.67.199.110:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 81b30d347f65d02d3f10571ce627a54b
91995d6aa7d6830ba2d71afce49198e55f48457c
7f6044367d8689c1b9ef8731be1dec4071dc6afae669236ade6313000f1b5bab
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2021/09/Truly-Nolen-Food-Safety-L4-2021-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130201.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:46 GMT
content-type: image/webp
content-length: 22328
cache-control: public, max-age=31557600
expires: Fri, 22 Dec 2023 17:56:59 GMT
last-modified: Mon, 28 Nov 2022 14:15:20 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 4
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLDgfXUPhAya8cVDIuM7eYoBbPUfbQD7oZ6Iuc4x4flcsjdq4GDnxEOP0jc9SkwZUJMYsv13m4y8h3okzLzNv4iT4npTc%2Fu9wESxH92w3mbq4y8GcKE%2F%2F5nG8UGs%2BFqItuUz1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bafcbfc00b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/07/Food-Safety-Level-3-SFDA-Dec-2020-300x300.png.webp
172.67.199.110200 OK 31 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/07/Food-Safety-Level-3-SFDA-Dec-2020-300x300.png.webp
IP 172.67.199.110:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ed1cf9be6942815cde239b103da60352
bcb087d18ee20fff3a59810c70ce2adfecf6b4b4
ab5c4175fa307a1808fdde0a1c55b4f36dc5fefe7df2409b9a68eaf1d9a809c5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/07/Food-Safety-Level-3-SFDA-Dec-2020-300x300.png.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130201.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:46 GMT
content-type: image/webp
content-length: 30686
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 07:11:07 GMT
last-modified: Mon, 28 Nov 2022 15:01:50 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 4
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Pv9KxNp7ZkiIKOPjHUyS7s03uuFfkQ1wqKAp1OirsTU0UZIZbQV2xqb89jAXx4EncUCTy9lwZ7sHomjTjRbW8e4d3z%2Bban7K1WIXmGK7%2BMP6z3e79fBDAu7wNeyUTtP%2BQ8XXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bafcbfc10b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/10/IFS-Food-Safety-Version-7-Mail-1-300x300.png.webp
172.67.199.110200 OK 22 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/10/IFS-Food-Safety-Version-7-Mail-1-300x300.png.webp
IP 172.67.199.110:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9af92f22bf26b096f92ac5233fe3b881
371d469b51f1d14fd3455b98937497073c53c789
9e9e48c98e4bda2060c47accb82560804ccc839d8f78ea9b8595103ebb7c18c8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/10/IFS-Food-Safety-Version-7-Mail-1-300x300.png.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130201.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:46 GMT
content-type: image/webp
content-length: 22010
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 07:11:07 GMT
last-modified: Mon, 28 Nov 2022 15:02:12 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 4
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HUe6u0OLVL%2FEHDKlVT23SQoT3WOKd1UNDa7pIgerh6ituoC0dEiqRHFiHjiiGkhu1lU%2Bu39bZMGQAJpIPaveAv2HCM%2FV%2F9N0kjckjHE%2Fo%2B6mvgx2gNy%2Bm90FJ0%2FwnW%2BkNadG5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bafcbfc40b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/10/Level-6-Award-in-First-Aid-at-Work-300x300.png.webp
172.67.199.110200 OK 23 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/10/Level-6-Award-in-First-Aid-at-Work-300x300.png.webp
IP 172.67.199.110:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 65099fa00fe97a423f72ee03b6b8e3c5
666c0afe70e85e53bba7fb93d47c75e4b7f5f7b0
d71c51898826679c8e0200f70d9162964371113ef516a2818e2c4aa0849251c5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/10/Level-6-Award-in-First-Aid-at-Work-300x300.png.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130201.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:46 GMT
content-type: image/webp
content-length: 22796
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 07:11:07 GMT
last-modified: Mon, 28 Nov 2022 15:05:57 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 4
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t60JI19yo33tDSKAR6beboT7fbGQbA%2F65oFlH44JVCXiPS1RdCCyHZ%2BWqLGsJ76rfnd%2FLkHEXyaKKwy2kU3T5rAZfGtANoftIYbVtfg3ZlXVVVE02XY68pZZIDkoX3tEmUHiQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bafcbfc70b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/07/BRCS-header-1-300x300.jpg.webp
172.67.199.110200 OK 16 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/07/BRCS-header-1-300x300.jpg.webp
IP 172.67.199.110:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0fb5afd47d296d96ba83d8b6ff0993c2
737c10b3d6375c5d73b4ce790d45b69fef712073
24b1307b0616e03d3a833e565fcd44424c3633162e129bbc641cb2ab93fa0189
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/07/BRCS-header-1-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130201.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:46 GMT
content-type: image/webp
content-length: 16326
cache-control: public, max-age=31557600
expires: Fri, 22 Dec 2023 13:57:47 GMT
last-modified: Mon, 28 Nov 2022 16:40:22 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 4
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YiuqSvHvhVO7VLKpONfp3Huv%2BuC7y5u6Sw%2BS5z0WdScWkPMfAscwklw1JKT8%2FCfULGW25ea1nmcLYjnx04cYMLc06nHpS7k2zciPI31LhkRCbpeQzta91TJ3dVARTc2vj8CSTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bafcbfc30b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/10/Level-2-Award-in-Fire-Safety-Principles-300x300.png.webp
172.67.199.110200 OK 31 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/10/Level-2-Award-in-Fire-Safety-Principles-300x300.png.webp
IP 172.67.199.110:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ac472b9fca7fe98edd077bebd5ebbc41
15f952431637e7d950058c4cad975cb6d5f7237e
e70872efa285d6f6e26edb920f767faeb425767c2c461fb5bc547f9cd1a25086
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/10/Level-2-Award-in-Fire-Safety-Principles-300x300.png.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130201.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:46 GMT
content-type: image/webp
content-length: 30894
cache-control: public, max-age=31557600
expires: Fri, 22 Dec 2023 13:57:47 GMT
last-modified: Mon, 28 Nov 2022 15:06:15 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 4
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jl4fbjVEdw98Cs9eufB%2BrOtTY3uQ%2BE0enxfl6j0usu4gNO3H4AA4gZ%2B3CpLivVyUDlZOmQaBmi3HilSbvJ9fvC7%2BJk1e4SQmFxYN%2BM7PzhuuDH9Fny2EhhgNZls8bXJT2u8wdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bafccfca0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/09/ISO-14001-2015-EMS-45001-2018-OHSMS-Oct-2020-Mail-300x300.png.webp
172.67.199.110200 OK 25 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/09/ISO-14001-2015-EMS-45001-2018-OHSMS-Oct-2020-Mail-300x300.png.webp
IP 172.67.199.110:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash cb3cddbab5b1d57142daf4f91cdb2e3e
1d961c38cc00562c00410e38958eb98f68dbdf75
f2593f70fc27232b1d5f08000292b0417570ff434bc05775c87fbf7e7976d39c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/09/ISO-14001-2015-EMS-45001-2018-OHSMS-Oct-2020-Mail-300x300.png.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130201.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:46 GMT
content-type: image/webp
content-length: 24966
cache-control: public, max-age=31557600
expires: Fri, 22 Dec 2023 13:57:47 GMT
last-modified: Mon, 28 Nov 2022 15:06:34 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 4
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eshJR1C0Ai%2FX285ZZIOXUtLvepGwnLvJ6gn98pMXXSeJ1R0%2F5tPc0aEyJSYh6VPLEe0Nkp3v7NPMTjEJdXAqPxohd9jdxeZW%2BhNaqDfH2n%2Bik178plrQ%2BxOWPtmmVAv17a26Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bafccfcc0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/09/ISO-22301-2019-Business-Continuity-Manager-Dec-2020-300x300.jpg.webp
172.67.199.110200 OK 27 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/09/ISO-22301-2019-Business-Continuity-Manager-Dec-2020-300x300.jpg.webp
IP 172.67.199.110:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0e1bf31ed06afc171ef5dbc8b8e2ebe0
9a8cd884a751d648760a5d624a297041ec6889ea
2bf7386950acdc093d7bcf85d14c2bf6d8cc4dc1e607c51b33d627d6c901bcbf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/09/ISO-22301-2019-Business-Continuity-Manager-Dec-2020-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130201.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:46 GMT
content-type: image/webp
content-length: 26712
cache-control: public, max-age=31557600
expires: Sun, 17 Dec 2023 20:29:13 GMT
last-modified: Mon, 28 Nov 2022 16:01:25 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 4
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mE7fHzfWrMR3B6xxWKJuQFOS%2FwRr8%2FXUCW%2BubCFcSyOfMef%2F1GZZ61iXmQLZGGcbncL%2F4lxkLLebzP8k411MonL1zJl1RLRNqu8dB%2FOo4nm7Fa8Z2GnhRsLkZDTwkQsSaI9lLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bafccfce0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/09/ISO-55001-2014-Asset-Management-Dec-2020-300x300.jpg.webp
172.67.199.110200 OK 23 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/09/ISO-55001-2014-Asset-Management-Dec-2020-300x300.jpg.webp
IP 172.67.199.110:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b6d72fd74a9dfcb6c7f37adcb4e1442b
a6eebd81867b9627e30ed42025190508ed7d074e
819c047e9db83e01985df7829603d15dd6b2243b16273bd25fe81fe10cad8055
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/09/ISO-55001-2014-Asset-Management-Dec-2020-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130201.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:46 GMT
content-type: image/webp
content-length: 23266
cache-control: public, max-age=31557600
expires: Fri, 22 Dec 2023 13:57:47 GMT
last-modified: Mon, 28 Nov 2022 16:04:35 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 4
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9%2Fg1J1hxX98P5QBf%2F4YC7T8Xm9WUfUHaVWZGGuINkGS3WQQdqbxTUGczSeKvoOMalOP%2FlKdDwbJC3m8nHW7TZ14aLaGqU2AZ8j%2BIpkuWILTslDf8MkNkJq4OEACqxLPV697UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bafccfcf0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/09/Health-Safety-Accomodations-Mail-300x300.png.webp
172.67.199.110200 OK 27 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/09/Health-Safety-Accomodations-Mail-300x300.png.webp
IP 172.67.199.110:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 729c13ae885c021207d6fe662793f9da
e1c8f2ad7e1126ac04f6970168d8fdab2a1bdafc
27dd56f4ceb1c5238fcf2befb725444baeabf01ee3c8edf2ee4f18bcee1e6298
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/09/Health-Safety-Accomodations-Mail-300x300.png.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130201.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:46 GMT
content-type: image/webp
content-length: 27014
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 07:11:07 GMT
last-modified: Mon, 28 Nov 2022 15:09:55 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 4
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bdqHAIgtP7Fwck9tPz34ndhGIGopfxW1ytY7IaaDJJCfez36K6RaHLQMsq%2FOlSiiYnovJwO1V8eH0ffm9cJnJwL69oJPJrotUJbq51MAc9ZJqixhuWrSpRIKx4EVtwSM%2BvEm4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bafccfcd0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/09/ISO-41001-2018-Facilites-Management-Nov-2020-259x300.jpg.webp
172.67.199.110200 OK 15 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/09/ISO-41001-2018-Facilites-Management-Nov-2020-259x300.jpg.webp
IP 172.67.199.110:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 259x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8090830b6ad1f4205872c091b0e5527c
dd549135f6090f3880d6a7607c852ea726ddfcb6
abb63743310261d47fb35c1d3a0914e4a3a5a8e6c8b80a8636af3ce39df3b7b8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/09/ISO-41001-2018-Facilites-Management-Nov-2020-259x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130201.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:46 GMT
content-type: image/webp
content-length: 15400
cache-control: public, max-age=31557600
expires: Fri, 22 Dec 2023 10:52:20 GMT
last-modified: Mon, 28 Nov 2022 16:04:47 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 4
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PNaW3PnAEMoCmQYT%2B6MnXme64a28%2Fqhsun4Hees9z91V3%2BHvtGrcwve35XJWIRxxYMmUtqwIqrjaTE7XM8ZF9o3iP6GO8acD%2FlryDmxutcwPPvQAVZvWKiDeRm%2BrAj9VoJVezg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bafcdfd50b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/Health-Safety-Level-3-HABC-Nov-2020-300x300.jpg.webp
172.67.199.110200 OK 17 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/Health-Safety-Level-3-HABC-Nov-2020-300x300.jpg.webp
IP 172.67.199.110:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a2e98c28dd538561443765ea2a9302a0
cb736497b247c6ae6a7ac34323b0b7f294907f01
5a0192a6f86bd6b509d244b1a8c80af7a51384d39ddbc6477178b25573113e49
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/Health-Safety-Level-3-HABC-Nov-2020-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130201.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:46 GMT
content-type: image/webp
content-length: 16874
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 14:38:24 GMT
last-modified: Mon, 28 Nov 2022 16:04:59 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 4
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRv%2B%2FLHWKA%2FpSPe5%2Bs%2FAQZGsrHOorf7bZqAVDZZJsX%2Be2PUJ1Z858BabXtoWnJanPvdzhz12BaMn24lnTciCrNBvLOBrFSEbBLeSHZRPgcGJ%2BfwKwb4dkUuRT%2BAYy96XyxBkHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bafcdfd60b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-50001-Energy-Management-Systems-Jan-2021-300x300.jpg.webp
172.67.199.110200 OK 27 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-50001-Energy-Management-Systems-Jan-2021-300x300.jpg.webp
IP 172.67.199.110:0
File type gzip compressed data, max compression\012- data
Hash 636bf0dfc595c96ea40852d20489cf38
c6f6ab661531d73d249434632c4048fe2feb7f4b
be0077eee8428a59dd8917219acac5a1e6621332620ad8d3f85bb651d5ef863e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/ISO-50001-Energy-Management-Systems-Jan-2021-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130201.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:46 GMT
content-type: image/webp
content-length: 27314
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 07:11:08 GMT
last-modified: Mon, 28 Nov 2022 16:05:23 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 4
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lg%2BRGIJd7bWUiCqYeaIFkEHKwmI467ycC8QXQ%2FxmZ2B2LBb9HUoY9fXa9KCOYOMugFvtK0Uwt6zv3zMH%2FQQLBWrXIP3i%2BB%2BL%2BvGCY5aub6FtDjIV94HQa%2BQwC0BDhJebeSu2Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bafcdfd80b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-37001-Anti-Bribery-Mangement-Mail-Header-300x300.jpg.webp
172.67.199.110200 OK 25 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-37001-Anti-Bribery-Mangement-Mail-Header-300x300.jpg.webp
IP 172.67.199.110:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ee5726ca7ee6035fdc1bf42bdcc330f0
3ef17a2dbca3ce04cd7b57997ac4bd325277586c
9c4da6a7ba89c24d94e05c211ae1f142091c245c81df5e415f7414d67e53669f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/ISO-37001-Anti-Bribery-Mangement-Mail-Header-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130201.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:46 GMT
content-type: image/webp
content-length: 25026
cache-control: public, max-age=31557600
expires: Fri, 22 Dec 2023 13:57:47 GMT
last-modified: Mon, 28 Nov 2022 16:11:37 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 4
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vrhn2gu1wwgS4t%2B%2FpvDPbMtUlWy%2FMZcXno42TJzUhYwoh2KrcRbdOXGnPWrCBC6%2FU0De%2F8%2B889J5PVrklz1HgfDXxSov%2BpoBhYJrwE8cETvhB2bQMGpo5epl7sN9yVmNCTf03g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bafcdfda0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-28000-2007-Supply-Chain-Security-Manager-Nov-2020-1-300x300.jpg.webp
172.67.199.110200 OK 31 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-28000-2007-Supply-Chain-Security-Manager-Nov-2020-1-300x300.jpg.webp
IP 172.67.199.110:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a971943552483f7bcf4fae247c518d36
6fb82bf20c39936d6a528233a39b13f8a95fc2ce
2289b5bf4834509f92343a447e6143bb82679de28c3883cec16359754fec0e5d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/ISO-28000-2007-Supply-Chain-Security-Manager-Nov-2020-1-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130201.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:46 GMT
content-type: image/webp
content-length: 31340
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 07:11:08 GMT
last-modified: Mon, 28 Nov 2022 16:11:24 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 3
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kowhn72NuUOIA%2FIMJisZ83N7jGGx57AcE8I%2Fsoo4PPD18KGq9BY3rTj%2FPB5rHS3s%2BFh%2F8vL8hNqfnAMCh%2B1XMzLLJF1ScXsyITal4Aj%2FgR%2BgMhoK03Qp3YnMrIshPXd%2F%2BV%2FiXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bafcdfd90b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/STRATEGIC-Thinking-BEMCON-Jan-2021-300x300.jpg.webp
172.67.199.110200 OK 24 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/STRATEGIC-Thinking-BEMCON-Jan-2021-300x300.jpg.webp
IP 172.67.199.110:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 52841cd791f4f4f693ad64217666b636
135c498125d476286fccf408dc94c7f8c180b006
80030c47d604fff9783d1faf7318250238422524e2829ea8d9b06fd82c05c516
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/STRATEGIC-Thinking-BEMCON-Jan-2021-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130201.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:46 GMT
content-type: image/webp
content-length: 24418
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 14:38:24 GMT
last-modified: Mon, 28 Nov 2022 16:11:50 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 4
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NDdvX%2FhO5XVO919lrfs9tH7kXG7AESomEbsSVezhP4OMhFhxd6oc7D1kJsOTx8Xzpx0MJnY%2B%2BgGaysGVMIfCOWk15zd3Wpotm09Hzc90gxGhyvHAb5rsL%2FJFsjwbDDgyE62nFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bafcdfdd0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/FMEA-Risk-Management-BEMCON-300x300.jpg.webp
172.67.199.110200 OK 17 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/FMEA-Risk-Management-BEMCON-300x300.jpg.webp
IP 172.67.199.110:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 36530b5668603e70d54dd596f155808c
f346c683a49826b7cb1db988dc92610fe5c720a5
e09702f7444d240cbb596e8712da096d8ecc17b197f74950019f819a4ace1261
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/FMEA-Risk-Management-BEMCON-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130201.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:46 GMT
content-type: image/webp
content-length: 17346
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 07:11:08 GMT
last-modified: Mon, 28 Nov 2022 16:12:02 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 4
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7IJvDAZNHq5sVKkewMDNwh%2BS%2Bh9YD4RCEOOSpMg0n9BjbMrUSV5Q8QQTovkjlZbhmfI87oHVicxBIlK%2FuLKf8Qy%2B8xEvWOUSFXXdSjuVD2n1QTLG7gScjXF0fel%2BwKwqvNgStw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bafcdfde0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
142.250.74.35200 OK 27 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
IP 142.250.74.35:0
File type TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, Copyright 2015 Google LLC. All Rights Reserved.Google Sans MediumRegularGoogle;GoogleSans-Medium\012- data
Hash 48d399faaa696e710b9d841b934461e2
8b867014ac0ae0a2b81a55f171deede8336a496f
c905a4d23caf1f95d96c244084f15336fba5f65b74de870ec5c2be878410625d
GET /s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://accounts.google.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27431
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 17:49:32 GMT
expires: Sat, 23 Dec 2023 17:49:32 GMT
cache-control: public, max-age=31536000
age: 312434
last-modified: Mon, 22 Apr 2019 23:43:31 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf
142.250.74.35200 OK 88 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf
IP 142.250.74.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13847)
Hash 380f6f858851fdbe0a15c1df03a14a0f
cb3c5b036448c6dfea202c0cad77f6ad93e96bb3
a8fb125cfa3278456a3f531b153ebc6d258145eabce7daafda3e5bfb46b573de
GET /s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://accounts.google.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 17:49:31 GMT
expires: Sat, 23 Dec 2023 17:49:31 GMT
cache-control: public, max-age=31536000
age: 312435
last-modified: Mon, 22 Apr 2019 23:42:54 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
post.bemcon.co.uk/cdn-cgi/rum?
172.67.199.110204 No Content 18 kB URL HTTP/2 post.bemcon.co.uk/cdn-cgi/rum?
IP 172.67.199.110:0
File type gzip compressed data, max compression\012- data
Hash 9195fd2a6dbd83e4f3cb85b0c03eb78b
9465ed33757d7229757d3e4e32fcb4a326986017
c291aeb5df693869a5136e23fd55f7a6b9d878992d2374e4e3bd8ef14def6c2d
POST /cdn-cgi/rum? HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 754
Origin: https://post.bemcon.co.uk
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130201.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Tue, 27 Dec 2022 08:36:51 GMT
access-control-allow-origin: https://post.bemcon.co.uk
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7800bb1d1cac0b02-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/35e6ba9a4fc68709f41df2ebc67dda77.css?ver=dda77
172.67.199.110200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/35e6ba9a4fc68709f41df2ebc67dda77.css?ver=dda77
IP 172.67.199.110:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/35e6ba9a4fc68709f41df2ebc67dda77.css?ver=dda77 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
expires: Thu, 21 Dec 2023 07:11:04 GMT
last-modified: Wed, 21 Dec 2022 01:11:04 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNPbjuVdJykbUOdGK7kXOujX1jlfK0%2FcIppycBXfxtHvkvgUv%2Ftl79fGA28o8G%2BcDgwdQ8K1JzAXoAf73SF6JgC%2BQr1S0Ye2gNFNK%2Fef%2F3Gt9eb47hWMMaiYcLz11Gf6QZHHIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf77c210b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/824e22c6742edf19741c2baf5f990b58.css?ver=90b58
172.67.199.110200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/824e22c6742edf19741c2baf5f990b58.css?ver=90b58
IP 172.67.199.110:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/824e22c6742edf19741c2baf5f990b58.css?ver=90b58 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=8815
expires: Fri, 22 Dec 2023 13:55:28 GMT
last-modified: Thu, 22 Dec 2022 07:55:27 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJJeIpFZhSpn%2BgeC1tmvYYmXouWocy5LpR3WqRPLDHVztvWe0ZYb%2BY%2Fqb9creC7UBJd0mvYo9XJmDqE8WqiZqAseo0lbFQfZH7j4ZZjOz9iNfrxhETSp%2FTgF9hoBIFQheZ2M3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf78c290b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/63c9ce845b681746e4a7eaf796029ba7.js?ver=647e5
172.67.199.110200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/63c9ce845b681746e4a7eaf796029ba7.js?ver=647e5
IP 172.67.199.110:0
GET /wp-content/litespeed/js/63c9ce845b681746e4a7eaf796029ba7.js?ver=647e5 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:44 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=759334
expires: Wed, 27 Dec 2023 12:58:31 GMT
last-modified: Tue, 27 Dec 2022 06:58:23 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 3
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZ9I60PMOiE94ouZmvPZKW8%2F2pdH5CQoSPOXAOIE43ne6SVwnRN6LHenAfAS1xafF0p855eh9oFYhV8osMkI59ITtIMNIsOWsWXQ1%2BLA%2ByQFKzHlENXeji%2FCV1c5zJNZlnTo8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf4ca1d0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/6e331470c4db945b9c338d3b0363b4f0.css?ver=3b4f0
172.67.199.110200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/6e331470c4db945b9c338d3b0363b4f0.css?ver=3b4f0
IP 172.67.199.110:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/6e331470c4db945b9c338d3b0363b4f0.css?ver=3b4f0 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=94872
expires: Thu, 21 Dec 2023 14:38:21 GMT
last-modified: Wed, 21 Dec 2022 08:38:20 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0q2mn12oZBQr3HNmYEECC3fVwdEk%2BRH34QTO9cTVUN3d9AR1EV2EklWpNzUQMlhb7PAIFmbC6S2ieE218sb9Ul5P%2BuZ9pbcu1IKLwwZXmwQyxnpDKrO%2Bqos0q8NZtCZabuWwpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf76c100b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2018/11/BEMCON-Logo-Resized-web.svg
172.67.199.110200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2018/11/BEMCON-Logo-Resized-web.svg
IP 172.67.199.110:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2018/11/BEMCON-Logo-Resized-web.svg HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130201.0.0.0; _ga=GA1.1.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: image/svg+xml
cache-control: public, max-age=31557600
expires: Fri, 22 Dec 2023 16:46:15 GMT
last-modified: Tue, 06 Nov 2018 11:01:32 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5522
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RdkRe0h%2FC8YZbkw4Q%2FeZfzbsabgxnPbvulIJ3wYfSUcrXpqGKp8s6lC1u8pH6aDmGd65s6Mn%2FoOhI8iZzHCg8%2FxPA82x9nZko8b7gxk8%2FRL3IOpJWhGCeoAi%2FTwseSUSaNXkLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bafa5e0f0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/index.php/mailster/3718/138a7c90e873f6905becd7f30d36cebe/aHR0cHM6Ly9wb3N0LmJlbWNvbi5jby51ay9tYWlsc3Rlci91bnN1YnNjcmliZS8xMzhhN2M5MGU4NzNmNjkwNWJlY2Q3ZjMwZDM2Y2ViZS8zNzE4Lw/1
172.67.199.110307 Temporary Redirect 0 B URL HTTP/2 post.bemcon.co.uk/index.php/mailster/3718/138a7c90e873f6905becd7f30d36cebe/aHR0cHM6Ly9wb3N0LmJlbWNvbi5jby51ay9tYWlsc3Rlci91bnN1YnNjcmliZS8xMzhhN2M5MGU4NzNmNjkwNWJlY2Q3ZjMwZDM2Y2ViZS8zNzE4Lw/1
IP 172.67.199.110:0
Analyzer Verdict Alert fortinet Phishing
GET /index.php/mailster/3718/138a7c90e873f6905becd7f30d36cebe/aHR0cHM6Ly9wb3N0LmJlbWNvbi5jby51ay9tYWlsc3Rlci91bnN1YnNjcmliZS8xMzhhN2M5MGU4NzNmNjkwNWJlY2Q3ZjMwZDM2Y2ViZS8zNzE4Lw/1 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 307 Temporary Redirect
date: Tue, 27 Dec 2022 08:36:42 GMT
content-type: text/html; charset=UTF-8
location: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
x-dns-prefetch-control: on
x-redirect-by: Mailster
x-litespeed-cache: hit
vary: User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FRGDdEPyGZ4xrnYs0gCAJHOTzB6M1scrjpIgaeUVJVDH4Sga3mPhOoeUlpjrm7UeduZX5QsSUjdsBF9CDnrQ4MHZrt559ntzhCHgPTrTOLsxozFP8Md9TDFTlsN2wrRf8XJjFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae56895b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/gsi/client?ver=6.1.1
216.58.207.237200 OK 0 B URL HTTP/2 accounts.google.com/gsi/client?ver=6.1.1
IP 216.58.207.237:0
GET /gsi/client?ver=6.1.1 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
expires: Tue, 27 Dec 2022 08:36:44 GMT
date: Tue, 27 Dec 2022 08:36:44 GMT
cache-control: private, max-age=1800
content-security-policy: script-src 'nonce--NSDGdzl8a1sGRJOitO6NA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/3729ab327e496e5367324bdbe0528493.css?ver=28493
172.67.199.110200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/3729ab327e496e5367324bdbe0528493.css?ver=28493
IP 172.67.199.110:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/3729ab327e496e5367324bdbe0528493.css?ver=28493 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=217
expires: Thu, 21 Dec 2023 14:38:21 GMT
last-modified: Wed, 21 Dec 2022 08:38:20 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dV74ef9oahKqhlhTUyEc5MWiD5qBytE1Lyhaf5IyBRBt8U9UN94ckh%2FV2EeMd6WP4nzNiV8z6DgQCGFW9%2FnxLGsiJCFh4RmJX7MRLqc%2F3tWG2%2FVKR1VfA1EVkTZucGrKnpc1LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf77c110b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/8816ce3c297776cb8f3b0d45edcaf33b.css?ver=af33b
172.67.199.110200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/8816ce3c297776cb8f3b0d45edcaf33b.css?ver=af33b
IP 172.67.199.110:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/8816ce3c297776cb8f3b0d45edcaf33b.css?ver=af33b HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
expires: Sun, 10 Dec 2023 10:44:53 GMT
last-modified: Sat, 10 Dec 2022 04:44:52 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=whlRTPel3PeXzZUEeGLZLMtLrG2EsAGr99BjAluxcCqgF3CG2QVjgSetJO%2BLYN%2FmABXzWQiCbQ4nItnRJr5BpCSgHPb7GTRJejKEg%2BXHoi43vZ4FrMRX%2F3fL5LibWy6kdm4zyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf78c250b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/d525ea9e26e73dfbfb5636782e35b9c1.css?ver=5b9c1
172.67.199.110200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/d525ea9e26e73dfbfb5636782e35b9c1.css?ver=5b9c1
IP 172.67.199.110:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/d525ea9e26e73dfbfb5636782e35b9c1.css?ver=5b9c1 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=57912
expires: Fri, 22 Dec 2023 13:55:28 GMT
last-modified: Thu, 22 Dec 2022 07:55:27 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nbqDni2zdOJiHgNtM9acxJf6Y%2FmW8b7mzmaW7kbTlOYrHoc9poNNSTT7HSOix6drHP%2FBBTIqmvEw6s9%2FvjfwtFRxfy1%2FD61ztMbbNkPE5Mxoly5n1PiWJqtQgSy4cznH2r95EA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf78c2a0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/065d2c341c17c2e9abd7f6484fed4ee9.css?ver=d4ee9
172.67.199.110200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/065d2c341c17c2e9abd7f6484fed4ee9.css?ver=d4ee9
IP 172.67.199.110:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/065d2c341c17c2e9abd7f6484fed4ee9.css?ver=d4ee9 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=405706
expires: Thu, 21 Dec 2023 14:38:21 GMT
last-modified: Wed, 21 Dec 2022 08:38:20 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=75IQYZOdMA1QRmVpV2N7P%2B6GaOeK9Pk1hPByGCdyl8mg2s%2Fb0UNmbZKXf8by2P7QhJtqYf%2FdKo7Md5fn3sGCrVSWiCA7SexTiwoTqfVt3zmewJASapQ1OeSojvmsOHjc%2BSHVIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf78c240b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/8e6b0d3fd10eb987f97773fd0c9acc8e.js?ver=acc8e
172.67.199.110200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/8e6b0d3fd10eb987f97773fd0c9acc8e.js?ver=acc8e
IP 172.67.199.110:0
GET /wp-content/litespeed/js/8e6b0d3fd10eb987f97773fd0c9acc8e.js?ver=acc8e HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=11225
expires: Fri, 22 Dec 2023 10:52:17 GMT
last-modified: Thu, 22 Dec 2022 04:52:16 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGV39yko%2FpZ3PLFpG%2Fk7KrWW3dAo2sjQvZcMKs2OG5C%2FEzmhTMY6DUzurvTu748qBQcKXHeMrPkOxMCZuCVm%2B77Q%2BQCNzED4%2FuZdpME6%2B9p8oedoPe717O6I6H9rYzSxhY6kug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf79c350b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
172.67.199.110200 OK 0 B URL HTTP/2 post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
IP 172.67.199.110:0
Analyzer Verdict Alert fortinet Phishing
GET /newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/ HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: text/html; charset=UTF-8
x-dns-prefetch-control: on
link: <https://post.bemcon.co.uk/wp-json/>; rel="https://api.w.org/", <https://post.bemcon.co.uk/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json", <https://post.bemcon.co.uk/?p=6>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: a67_HTTP.200,a67_page,a67_URL.46f34623eb196712fdc1758738f6c4e4,a67_Po.6,a67_PGS,a67_
x-litespeed-cache: miss
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uclJe6fPGZfW%2BjUbHshn3FlR6fmi5JV5wktyjZcDeRszNb0H6EGD2WwrTgoQXWSUIFjNX17V5FdoyLsv2qdfiJl%2FE8AI7uxf%2Bx3qDj8X2E4babWSobnLIkpei7OSfUPbgpvcEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baefaed10b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
X-Firefox-Early-Data: accepted
post.bemcon.co.uk/wp-content/litespeed/css/b9549e7bb230bc4262351808373f6321.css?ver=f6321
172.67.199.110200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/b9549e7bb230bc4262351808373f6321.css?ver=f6321
IP 172.67.199.110:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/b9549e7bb230bc4262351808373f6321.css?ver=f6321 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=38303
expires: Thu, 21 Dec 2023 14:38:21 GMT
last-modified: Wed, 21 Dec 2022 08:38:20 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7k7iA4HiHpenFnBAF1qrxKCKPLETDNcldA44K9hzl4lyOUx6lIQsv%2Fa0%2BQycQDI1RVK%2FQrqKvYSWxOrv9FF2gcxD9Db8Yju5rfdBqUPf5%2BWeqC4393QT6%2F4NNB2Q%2FMxHiHBXwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf76c0f0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/0caaa3aa3b0f7af259b0aa3fa90a4c7b.css?ver=a4c7b
172.67.199.110200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/0caaa3aa3b0f7af259b0aa3fa90a4c7b.css?ver=a4c7b
IP 172.67.199.110:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/0caaa3aa3b0f7af259b0aa3fa90a4c7b.css?ver=a4c7b HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
expires: Thu, 21 Dec 2023 07:11:04 GMT
last-modified: Wed, 21 Dec 2022 01:11:04 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOAcwt9%2F6sPb83es%2F5aFaeV2%2BI%2FXHLlzNOkGooVanNYKHxqfoQI7jHGnK14v43ODB7Ci0yQmQbiJ1o3rFfLSl2zy2cTqP%2FY9nz%2BamBQ%2F4QNYmGEHtQK36RjLfp2zK1c7%2BmPmVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf78c230b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/3e625414636dcaa3b2462ab3755cd87a.css?ver=cd87a
172.67.199.110200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/3e625414636dcaa3b2462ab3755cd87a.css?ver=cd87a
IP 172.67.199.110:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/3e625414636dcaa3b2462ab3755cd87a.css?ver=cd87a HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=8202
expires: Fri, 22 Dec 2023 13:55:28 GMT
last-modified: Thu, 22 Dec 2022 07:55:27 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIyYH8eOZOScuB2X7%2BhYz4%2B4jULGPq%2Fj9NL7bjGAR75Zi%2FL%2FFBNHhZf421j0zrljRqykpZO2xmZE59oOyFvl0rvGNjF2leCOnbB%2FY5FQrNo7V8wYSsWPiY72ZoNtANZgBXWEiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf78c280b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/f9f97c349036eccb65cd2356304ea415.css?ver=ea415
172.67.199.110200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/f9f97c349036eccb65cd2356304ea415.css?ver=ea415
IP 172.67.199.110:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/f9f97c349036eccb65cd2356304ea415.css?ver=ea415 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=19567
expires: Fri, 22 Dec 2023 13:55:28 GMT
last-modified: Thu, 22 Dec 2022 07:55:27 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDYlQMDSP27Iq%2BLneOvT2eFXl5Uau9AxhZTMgzQzV3kYnJXZWcyBP5WqTFP%2Bqsze13AV3l6ilI3%2F1CreX2jaI8HnLHNoL%2F82aq7SV3yRjXVR52fTWiIiPkUBfYAUQ8CYzpxs6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf77c1d0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/bac35c078609d3a951fc531bf7ecdd7a.css?ver=cdd7a
172.67.199.110200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/bac35c078609d3a951fc531bf7ecdd7a.css?ver=cdd7a
IP 172.67.199.110:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/bac35c078609d3a951fc531bf7ecdd7a.css?ver=cdd7a HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=3810
expires: Tue, 28 Nov 2023 19:44:17 GMT
last-modified: Mon, 28 Nov 2022 13:44:09 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3s%2BeZyoI5gQ5b5s9gBHv13O11k9iSkutkzBaT055wZQTYvUQOc7zdWes%2BV6ABWRvXekL8shapSGCIJLFjhkhvI9WP%2BySaUl3Q0XJMXpV2XxSb6o9tCDv%2BJnaIiSFwXTgBPKhmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf7ac400b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/9361c35b8a36d4ced8e8a6539043ac71.js?ver=3ac71
172.67.199.110200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/9361c35b8a36d4ced8e8a6539043ac71.js?ver=3ac71
IP 172.67.199.110:0
GET /wp-content/litespeed/js/9361c35b8a36d4ced8e8a6539043ac71.js?ver=3ac71 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=139154
expires: Thu, 21 Dec 2023 14:38:23 GMT
last-modified: Wed, 21 Dec 2022 08:38:20 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AIxDScejxsEHg9fiAZI52Narsxrf90478mhY7rKq7D3RSEcyRphT16DbNItD9FW1QRD4y13YsiPcloLOOh%2BNbzxVUXs4wJ%2BtKkQgadjluRlIWtgXIo6aQ7RmsHEjtD9mrNanew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf7cc610b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
104.16.56.101200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP 104.16.56.101:0
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://post.bemcon.co.uk
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:43 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7800bae9a8e9b505-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/1ce8614741870fe63962e5ef9305f484.css?ver=5f484
172.67.199.110200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/1ce8614741870fe63962e5ef9305f484.css?ver=5f484
IP 172.67.199.110:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/1ce8614741870fe63962e5ef9305f484.css?ver=5f484 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=15672
expires: Thu, 21 Dec 2023 07:11:05 GMT
last-modified: Wed, 21 Dec 2022 01:11:04 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qPZFrW11%2FUL4pUcRSwj0kotT9gTuSXAmKXs2W%2B8QekDFNW%2FShOPmofLCQkddGFoofc5Ph37BkY4kY%2BP8WgG5CJz0b%2FqDaa5ToXb1ZXMp1%2FxT2AlnBTVrBHCR1xJeq%2BwcFvnITA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf77c1b0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/f4a8f79ca2147599cdf000bf1066e50f.js?ver=6e50f
172.67.199.110200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/f4a8f79ca2147599cdf000bf1066e50f.js?ver=6e50f
IP 172.67.199.110:0
GET /wp-content/litespeed/js/f4a8f79ca2147599cdf000bf1066e50f.js?ver=6e50f HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=1676
expires: Thu, 21 Dec 2023 07:11:05 GMT
last-modified: Wed, 21 Dec 2022 01:11:04 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sqSxpwhNuOVauMtoO7AshRIlUHHUvkQCHTQo3D9p0c78JDU%2F0l5GajOr%2FX76p9AZg28x0Qr%2Bgh1XXalvZIiNdEnA5bX%2FI%2FvraFQ5RfsW4T0MNFgzTwC2Udx%2Bk21BGIpbEUX1zA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf79c370b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/7e7ffcbe1c3692857feb7cdc88e0084c.js?ver=0084c
172.67.199.110200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/7e7ffcbe1c3692857feb7cdc88e0084c.js?ver=0084c
IP 172.67.199.110:0
GET /wp-content/litespeed/js/7e7ffcbe1c3692857feb7cdc88e0084c.js?ver=0084c HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=2423
expires: Wed, 27 Dec 2023 13:07:14 GMT
last-modified: Tue, 27 Dec 2022 07:07:14 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 4
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FN1Y5241Y3j4zSC85liHdbylyL7PRn%2Fyek%2FJa%2BPCN72zS%2BGzNN2MaPdDBbzH1mYwVIi5mL1ZBtqTHabjiQNik0ORZc5NiD2gj6mMbX4EbaxO2GQ2ZZZQSMcMHom1n2f1jivJ6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf7ac390b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/ee25c82612046ca9a86540ae5bfcd1ac.css?ver=cd1ac
172.67.199.110200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/ee25c82612046ca9a86540ae5bfcd1ac.css?ver=cd1ac
IP 172.67.199.110:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/ee25c82612046ca9a86540ae5bfcd1ac.css?ver=cd1ac HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=2827
expires: Fri, 22 Dec 2023 13:55:28 GMT
last-modified: Thu, 22 Dec 2022 07:55:27 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9kO946%2Bn%2BSex%2FFDEkQO3D8SVxPbPFJ5x4%2FICJ7ilfvfa5Olt8A5eZsDZ84CfGZbDeiKmYjvKQ67GrRbKdYz%2BL6RyKNz95DHUB23e2G6Kc4etNygjEghIqPgovMloNquSGS49EQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf7ac3b0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/cfeb6882fa381b14d2a7813da0f97281.js?ver=97281
172.67.199.110200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/cfeb6882fa381b14d2a7813da0f97281.js?ver=97281
IP 172.67.199.110:0
GET /wp-content/litespeed/js/cfeb6882fa381b14d2a7813da0f97281.js?ver=97281 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=25204
expires: Fri, 22 Dec 2023 13:55:28 GMT
last-modified: Thu, 22 Dec 2022 07:55:27 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DUSL9hGVdhdMlYaGi6AHDVBoXcXzaKFZ1KtPQidFQEWq75cdcyKfIaLs5%2BH6jNoy3Dm84%2FM9Iitpjwbs3uYbPeRHE08fdD4hlomSnLuE3oGS79UjP4hxP3lLq2P%2BN6vDgVIdAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf7bc570b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/23554dbf39be903e0a7eaee96c062ea0.js?ver=62ea0
172.67.199.110200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/23554dbf39be903e0a7eaee96c062ea0.js?ver=62ea0
IP 172.67.199.110:0
GET /wp-content/litespeed/js/23554dbf39be903e0a7eaee96c062ea0.js?ver=62ea0 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=10683
expires: Thu, 21 Dec 2023 14:38:23 GMT
last-modified: Wed, 21 Dec 2022 08:38:20 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WYOnrxZiGwkNrdH5JF1%2Bn2vcvQd8Ng7vc3iE%2B%2BoApXcj6F5K9afxa0vigOPDPngquoA3mvNa1TNm6PMYGVOInjZugoH2%2FNuuoCVKf31MMPAm8bDXmItmVwOBEzuPWYftrQL1bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf7cc660b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRaleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLora%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRaleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLora%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP 142.250.74.74:0
GET /css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRaleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLora%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Dec 2022 08:36:45 GMT
date: Tue, 27 Dec 2022 08:36:45 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-includes/js/jquery/jquery.min.js
172.67.199.110200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-includes/js/jquery/jquery.min.js
IP 172.67.199.110:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/newsletter-signup/unsubscribe/138a7c90e873f6905becd7f30d36cebe/3718/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=RGZLN0cwc5sSDOb78.pwV5bwthN8jujzxsXjsztIo3I-1672130203-0-AUNb+iwhWXSq2qBwaBUHoBkci27RVAMW+0rbbFNKB0mv0POLV4Xq6eh60SymbZJa8F83o3yPT5eT6OaQNUl09BwG8j1vSGRN+aVbQCf/tHWsQ8rDrjeeSwr5yNYhxB1gcm2LU5nvR9grZ0eyAjZy0Lk=; _ga_94998W1T93=GS1.1.1672130200.1.1.1672130200.0.0.0; _ga=GA1.3.1639112298.1672130201; _gid=GA1.3.238132368.1672130201; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:45 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 07:11:04 GMT
last-modified: Mon, 19 Sep 2022 19:46:24 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5524
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTKVTh31M720Gz1lKxJCbU64CK4NzKfZPL7ZfyjUg2LZDvBsRoZMfzTOcehPahbU%2B4cOhQvinT4S%2FklMe58P3iaI7zCkUCETi81XXvSOhygKsRtR%2BQ3%2F7aaBL1XyiiMGQpmjEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800baf79c320b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2