lendingbearhug.com Open in urlscan Pro
45.141.59.95  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response lendingbearhug.com/	16 KB 6 KB	1752ms 110ms	Document text/html	45.141.59.95 IPCONNECT IP Conn...
General Check archive.org Show headers Download Go to Full URL https://lendingbearhug.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.141.59.95 Victoria, Seychelles, ASN213373 (IPCONNECT IP Connect Inc, SC), Reverse DNS fr-3ds.com Software LiteSpeed / Resource Hash 331351e17fb4a6102dc8d3b64066293197850e42fe1299879dc5697c61c80e3a Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding br content-length 5530 content-type text/html date Wed, 15 Jan 2025 04:11:13 GMT last-modified Sun, 12 Jan 2025 19:41:48 GMT server LiteSpeed vary Accept-Encoding
GET H2	200	css fonts.googleapis.com/	14 KB 2 KB	202ms 107ms	Stylesheet text/css	172.253.63.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans+Condensed:400,700|Open+Sans:400,700 Requested by Host: lendingbearhug.com URL: https://lendingbearhug.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f95.1e100.net Software ESF / Resource Hash 8116500852ca332f46f1b420df36dfb1860f9028dd1c3d9bb65fc9aefa75ee4d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lendingbearhug.com/ Response headers content-encoding gzip x-content-type-options nosniff expires Wed, 15 Jan 2025 04:11:13 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 15 Jan 2025 04:11:13 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Wed, 15 Jan 2025 04:11:13 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	index.css lendingbearhug.com/css/	24 KB 4 KB	440ms 438ms	Stylesheet text/css	45.141.59.95 IPCONNECT IP Conn...
General Check archive.org Show headers Download Go to Full URL https://lendingbearhug.com/css/index.css Requested by Host: lendingbearhug.com URL: https://lendingbearhug.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.141.59.95 Victoria, Seychelles, ASN213373 (IPCONNECT IP Connect Inc, SC), Reverse DNS fr-3ds.com Software LiteSpeed / Resource Hash d51289799070c8f29368e8dc38a21386fbc5d34ebee964f5676ce6f9cd9c63a3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lendingbearhug.com/ Response headers cache-control public, max-age=604800 content-encoding br expires Wed, 22 Jan 2025 04:11:13 GMT accept-ranges bytes content-length 4454 date Wed, 15 Jan 2025 04:11:13 GMT content-type text/css last-modified Sun, 12 Jan 2025 10:27:06 GMT vary Accept-Encoding server LiteSpeed
GET H2	200	content a.cnsmrvrfy.com/	807 B 2 KB	626ms 417ms	Image image/gif	45.60.0.61 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://a.cnsmrvrfy.com/content?id=144baa3c138e417e9931984db4bc9c0f Requested by Host: lendingbearhug.com URL: https://lendingbearhug.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.0.61 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options Deny Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lendingbearhug.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload x-iinfo 6-1549096-1546812 pNNy RT(1736914272733 83) q(0 0 0 0) r(0 0) U24 content-security-policy upgrade-insecure-requests cache-control no-store,no-cache pragma no-cache x-cdn Imperva x-content-type-options nosniff referrer-policy no-referrer permissions-policy accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() content-length 807 date Wed, 15 Jan 2025 04:11:12 GMT content-type image/gif x-frame-options Deny
GET H2	200	form-loader.js Show response formrequests.com/installment36/1q_ac/	21 KB 8 KB	193ms 110ms	Script application/javascript	104.26.1.247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://formrequests.com/installment36/1q_ac/form-loader.js Requested by Host: lendingbearhug.com URL: https://lendingbearhug.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.1.247 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 52b301d92d97c13c85f923855fa6e8a0244378f5f39a9c2a7708e9c728737e77 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lendingbearhug.com/ Response headers cache-control no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, post-check=0, pre-check=0 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status DYNAMIC etag W/"67810560-5446" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Szbias%2B%2FDnVkMWM%2Fron37kZLRNB0hBpD7UbRBMB7xz72Xa8CAQ6xnv6EKCkXP6HCo75%2BxCgud0ARPyqeTmKu4za3shjDmVijIyfX3geuPljpBbrhtTRrDvwZ%2FuRNrZ2FzXc%3D"}],"group":"cf-nel","max_age":604800} cf-ray 902305401e9f36a1-YYZ expires Wed, 15 Jan 2025 04:11:12 GMT access-control-allow-origin * server-timing cfL4;desc="?proto=TCP&rtt=24758&min_rtt=23950&rtt_var=1119&sent=29&recv=20&lost=0&retrans=1&sent_bytes=23778&recv_bytes=2353&delivery_rate=312712&cwnd=256&unsent_bytes=0&cid=302b4b9bd7cf581a&ts=117&x=0" date Wed, 15 Jan 2025 04:11:13 GMT content-type application/javascript; charset=UTF-8 last-modified Fri, 10 Jan 2025 11:32:48 GMT server cloudflare
GET H2	200	jquery-3.2.1.min.js Show response lendingbearhug.com/js/libs/	85 KB 29 KB	440ms 439ms	Script application/javascript	45.141.59.95 IPCONNECT IP Conn...
General Check archive.org Show headers Download Go to Full URL https://lendingbearhug.com/js/libs/jquery-3.2.1.min.js Requested by Host: lendingbearhug.com URL: https://lendingbearhug.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.141.59.95 Victoria, Seychelles, ASN213373 (IPCONNECT IP Connect Inc, SC), Reverse DNS fr-3ds.com Software LiteSpeed / Resource Hash 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lendingbearhug.com/ Response headers cache-control public, max-age=604800 content-encoding br expires Wed, 22 Jan 2025 04:11:13 GMT accept-ranges bytes content-length 29485 date Wed, 15 Jan 2025 04:11:13 GMT content-type application/javascript last-modified Sun, 12 Jan 2025 10:27:06 GMT vary Accept-Encoding server LiteSpeed
GET H2	200	hit.core.js Show response formrequests.com/	40 KB 18 KB	146ms 38ms	Script application/javascript	104.26.1.247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://formrequests.com/hit.core.js Requested by Host: lendingbearhug.com URL: https://lendingbearhug.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.1.247 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 784596e67def2863400e4536ffc89c09182e487fa18747749cf434ed0c277cd5 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lendingbearhug.com/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status HIT etag W/"6781055f-9f62" age 6250 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2cxXBF6%2FBdNVVE%2F9vLT%2FD8xMpV3Rev2YZ7jCjFypUtKOBFAEvfvq03kHLFZ6kvoYbAooNPIZE7xsPdCnGCKt1FDDbdMAyauNFX6iFROzQSR%2FMOieKreL2H1RkePO%2F1rLsvc%3D"}],"group":"cf-nel","max_age":604800} cf-ray 902305401e9b36a1-YYZ access-control-allow-origin * server-timing cfL4;desc="?proto=TCP&rtt=24408&min_rtt=24238&rtt_var=5197&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4030&recv_bytes=2322&delivery_rate=161896&cwnd=252&unsent_bytes=0&cid=302b4b9bd7cf581a&ts=44&x=0" date Wed, 15 Jan 2025 04:11:13 GMT content-type application/javascript; charset=UTF-8 last-modified Fri, 10 Jan 2025 11:32:47 GMT vary Accept-Encoding server cloudflare
GET H2	200	general.js Show response lendingbearhug.com/js/	4 KB 2 KB	1167ms 1166ms	Script application/javascript	45.141.59.95 IPCONNECT IP Conn...
General Check archive.org Show headers Download Go to Full URL https://lendingbearhug.com/js/general.js Requested by Host: lendingbearhug.com URL: https://lendingbearhug.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.141.59.95 Victoria, Seychelles, ASN213373 (IPCONNECT IP Connect Inc, SC), Reverse DNS fr-3ds.com Software LiteSpeed / Resource Hash 40099b253d2bdd314a299a3195a0ffaa2c6c164908f001ce6c2daede8e5b1394 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lendingbearhug.com/ Response headers cache-control public, max-age=604800 content-encoding br expires Wed, 22 Jan 2025 04:11:13 GMT accept-ranges bytes content-length 1819 date Wed, 15 Jan 2025 04:11:13 GMT content-type application/javascript last-modified Sun, 12 Jan 2025 10:27:06 GMT vary Accept-Encoding server LiteSpeed
GET H2	200	custom.js Show response lendingbearhug.com/js/	1 KB 564 B	1167ms 1166ms	Script application/javascript	45.141.59.95 IPCONNECT IP Conn...
General Check archive.org Show headers Download Go to Full URL https://lendingbearhug.com/js/custom.js Requested by Host: lendingbearhug.com URL: https://lendingbearhug.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 45.141.59.95 Victoria, Seychelles, ASN213373 (IPCONNECT IP Connect Inc, SC), Reverse DNS fr-3ds.com Software LiteSpeed / Resource Hash 00297d01e5fa5db19f6868499a1149517d137a98688abc6319d2fcb40208f678 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lendingbearhug.com/ Response headers cache-control public, max-age=604800 content-encoding br expires Wed, 22 Jan 2025 04:11:13 GMT accept-ranges bytes content-length 531 date Wed, 15 Jan 2025 04:11:13 GMT content-type application/javascript last-modified Sun, 12 Jan 2025 10:27:06 GMT vary Accept-Encoding server LiteSpeed
GET H2	200	ccpa-app.js Show response formrequests.com/ccpa/	77 KB 19 KB	36ms 36ms	Script application/javascript	104.26.1.247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://formrequests.com/ccpa/ccpa-app.js Requested by Host: formrequests.com URL: https://formrequests.com/installment36/1q_ac/form-loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.1.247 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ced16b068aeaee86658ed8e1f8c2195f632ab54002f851fff33fab3f525c365 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lendingbearhug.com/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status HIT etag W/"6781055f-13201" age 6250 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K6O%2F87I2AxeInxwTIeULwa0Q1BfEHEEYJnSq7fP1hZ2Ob8GTxCcodFw3HRjAHv9OUQ4Vz2ZjTexCbtJJJoMN%2F2uYqRo1Z3VasWN1Ae1UKHZkVkhQaFJWkKBdUMliybR1boE%3D"}],"group":"cf-nel","max_age":604800} cf-ray 90230542393436a1-YYZ access-control-allow-origin * server-timing cfL4;desc="?proto=TCP&rtt=24340&min_rtt=23000&rtt_var=845&sent=40&recv=25&lost=0&retrans=2&sent_bytes=32722&recv_bytes=2414&delivery_rate=40361&cwnd=256&unsent_bytes=0&cid=302b4b9bd7cf581a&ts=380&x=0" date Wed, 15 Jan 2025 04:11:13 GMT content-type application/javascript; charset=UTF-8 last-modified Fri, 10 Jan 2025 11:32:47 GMT vary Accept-Encoding server cloudflare
GET H2	200	css fonts.googleapis.com/	3 KB 676 B	62ms 61ms	Stylesheet text/css	172.253.63.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:400,700 Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f95.1e100.net Software ESF / Resource Hash 593cb6a99ee681518baa0300381b64e7831df168d763b0d756643372674b5cee Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lendingbearhug.com/ Response headers content-encoding gzip x-content-type-options nosniff expires Wed, 15 Jan 2025 04:11:13 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 15 Jan 2025 04:11:13 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Wed, 15 Jan 2025 02:30:34 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	1ea1d51a-3e9b-d9e5-164a-f6e3f7fc55f5.js Show response create.lidstatic.com/campaign/	121 KB 39 KB	182ms 42ms	Script text/javascript	104.22.38.182 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://create.lidstatic.com/campaign/1ea1d51a-3e9b-d9e5-164a-f6e3f7fc55f5.js?snippet_version=2&callback=getlidtoken Requested by Host: formrequests.com URL: https://formrequests.com/installment36/1q_ac/form-loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.38.182 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f463703513537f55801bcd1d61e5c610af13cc88fc0b87c2ea7521065bf393d9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lendingbearhug.com/ Response headers content-encoding br cf-cache-status HIT etag W/"348b65354f76be436b8b5d52e4e333ec" x-amz-version-id gdIJobmquCEvbiEYiOTXwr9OuI1Mlb_d age 670 date Wed, 15 Jan 2025 04:11:13 GMT content-type text/javascript last-modified Thu, 10 Oct 2024 22:12:43 GMT vary Accept-Encoding x-amz-id-2 Hti5qpZ534kZ4igq3bO4io1uLKNzs7kdyyhsBVE/eKUBKmDj5XNLRO2lWGTSMgUDfJ166cDONSQ= x-amz-replication-status COMPLETED cache-control max-age=1800 x-amz-request-id YT5N9201S72KS8AF cf-ray 902305431b30ac0c-YYZ access-control-allow-origin * server cloudflare x-amz-server-side-encryption AES256
GET H3	200	form_bg.jpg lendingbearhug.com/images/	109 KB 109 KB	227ms 227ms	Image image/jpeg	45.141.59.95 IPCONNECT IP Conn...
General Check archive.org Show headers Download Go to Show image Full URL https://lendingbearhug.com/images/form_bg.jpg Requested by Host: lendingbearhug.com URL: https://lendingbearhug.com/css/index.css Protocol H3 Security QUIC, , AES_128_GCM Server 45.141.59.95 Victoria, Seychelles, ASN213373 (IPCONNECT IP Connect Inc, SC), Reverse DNS fr-3ds.com Software LiteSpeed / Resource Hash 997ae7b056327a1252272cf97598b338618c5eb825a9f5bd1d324e088db60256 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lendingbearhug.com/css/index.css Response headers cache-control public, max-age=604800 expires Wed, 22 Jan 2025 04:11:13 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 111398 date Wed, 15 Jan 2025 04:11:13 GMT content-type image/jpeg last-modified Sun, 12 Jan 2025 10:27:06 GMT server LiteSpeed
GET H3	200	features_bg.jpg lendingbearhug.com/images/	15 KB 15 KB	219ms 218ms	Image image/jpeg	45.141.59.95 IPCONNECT IP Conn...
General Check archive.org Show headers Download Go to Show image Full URL https://lendingbearhug.com/images/features_bg.jpg Requested by Host: lendingbearhug.com URL: https://lendingbearhug.com/css/index.css Protocol H3 Security QUIC, , AES_128_GCM Server 45.141.59.95 Victoria, Seychelles, ASN213373 (IPCONNECT IP Connect Inc, SC), Reverse DNS fr-3ds.com Software LiteSpeed / Resource Hash f6cbcdbcd02c6b17c4382e6d027ccaea4ff5e146fa2a5e8283fb991b3924dae5 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lendingbearhug.com/css/index.css Response headers cache-control public, max-age=604800 expires Wed, 22 Jan 2025 04:11:13 GMT accept-ranges bytes content-length 14936 date Wed, 15 Jan 2025 04:11:13 GMT content-type image/jpeg last-modified Sun, 12 Jan 2025 10:27:06 GMT server LiteSpeed
GET H3	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v40/	47 KB 47 KB	205ms 46ms	Font font/woff2	142.251.179.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:400,700|Open+Sans:400,700 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f94.1e100.net Software sffe / Resource Hash 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://lendingbearhug.com Referer https://fonts.googleapis.com/ Response headers age 110249 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Tue, 13 Jan 2026 21:33:44 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 13 Jan 2025 21:33:44 GMT last-modified Thu, 14 Dec 2023 02:08:40 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 48236 x-xss-protection 0 server sffe
GET H3	200	z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2 fonts.gstatic.com/s/opensanscondensed/v23/	16 KB 16 KB	221ms 63ms	Font font/woff2	142.251.179.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:400,700|Open+Sans:400,700 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.179.94 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f94.1e100.net Software sffe / Resource Hash 0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://lendingbearhug.com Referer https://fonts.googleapis.com/ Response headers age 372299 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Sat, 10 Jan 2026 20:46:14 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 10 Jan 2025 20:46:14 GMT last-modified Tue, 19 Apr 2022 18:08:32 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 16324 x-xss-protection 0 server sffe
GET		/ consumertransferservice.com/hit/	0 0
OPTIONS H2	403	/ consumertransferservice.com/hit/ Frame	0 0	127ms 27ms	Preflight text/html	45.60.6.61 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://consumertransferservice.com/hit/?clienturl=https%3A//lendingbearhug.com/&rnd=0.6941347314342323&responsetype=json&o=480&ReferrerURL=&c=290914&sourceSubId=%3C%3Fphp%20echo%20%24source%3B%3F%3E Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.6.61 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type,mb-info-type Access-Control-Request-Method GET Origin https://lendingbearhug.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers cache-control no-cache, no-store content-length 865 content-type text/html x-iinfo 10-8295501-0 0NNN RT(1736914273535 49) q(0 -1 -1 1) r(0 -1) B15(3,904709,0) U24
GET H2	200	ccpa-app.css formrequests.com/ccpa/	15 KB 4 KB	48ms 45ms	Stylesheet text/css	104.26.1.247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://formrequests.com/ccpa/ccpa-app.css Requested by Host: formrequests.com URL: https://formrequests.com/ccpa/ccpa-app.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.1.247 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d1e9193832ce79eae43af3afd8579b3f6139382c02b3a70e4431df137210d3b5 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lendingbearhug.com/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status HIT etag W/"6781055f-3bde" age 6248 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BjjmHt5uSarcbp%2B0nPUMIzcdjoV36iCsESfMNEggnjQ0JKHYy9g7SdYE1R8f%2BPETvNFEnhHFVmxNYCQ3AOSuyVgaDOBsZsb3khcuVvV1mNAxWMOy2a0Yc36QpbTNE1hbrC4%3D"}],"group":"cf-nel","max_age":604800} cf-ray 902305434a6f36a1-YYZ access-control-allow-origin * server-timing cfL4;desc="?proto=TCP&rtt=26243&min_rtt=23000&rtt_var=4292&sent=64&recv=35&lost=0&retrans=6&sent_bytes=56928&recv_bytes=2503&delivery_rate=160546&cwnd=50&unsent_bytes=0&cid=302b4b9bd7cf581a&ts=563&x=0" date Wed, 15 Jan 2025 04:11:13 GMT content-type text/css last-modified Fri, 10 Jan 2025 11:32:47 GMT vary Accept-Encoding server cloudflare
GET H/1.1	200 OK	calculate Show response thumb-service.com/	44 B 894 B	379ms 95ms	Fetch application/json	34.102.112.11 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://thumb-service.com/calculate?fp=755429865a7b720da70b406e8d551a01 Requested by Host: formrequests.com URL: https://formrequests.com/hit.core.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.102.112.11 Los Angeles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 11.112.102.34.bc.googleusercontent.com Software nginx / Resource Hash ee99dee71501dd59e8dbdebe81122602d5b4a3f440382a1167ec2c2e0c636ff9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lendingbearhug.com/ Response headers Transfer-Encoding chunked X-Iinfo 58-42396866-42396868 NNYY CT(2 16 0) RT(1736914273512 3) q(0 0 0 -1) r(0 0) U24 Content-Encoding gzip X-CDN Imperva Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Origin https://lendingbearhug.com Date Wed, 15 Jan 2025 04:11:14 GMT Content-Type application/json; charset=utf-8 Vary Origin Server nginx
POST H2	200	GenerateToken Show response create.leadid.com/2.15.1/	36 B 659 B	542ms 103ms	XHR text/plain	3.234.192.86 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://create.leadid.com/2.15.1/GenerateToken?msn=1&pid=24dc337c-8838-40ed-bb1e-6aac6fffa9f9&_=832194551 Requested by Host: create.lidstatic.com URL: https://create.lidstatic.com/campaign/1ea1d51a-3e9b-d9e5-164a-f6e3f7fc55f5.js?snippet_version=2&callback=getlidtoken Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.234.192.86 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-234-192-86.compute-1.amazonaws.com Software nginx / Resource Hash 2d6abded2f31041f513a81b088634d351d561910799a3b8663d418f614bbbaa3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Referer https://lendingbearhug.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload access-control-max-age 1728000 cache-control no-cache, must-revalidate content-encoding gzip expires Sat, 26 Jul 1997 05:00:00 GMT access-control-allow-origin * date Wed, 15 Jan 2025 04:11:14 GMT content-type text/plain;charset=UTF-8 server nginx access-control-allow-headers X-Requested-With, Content-Type
GET H3	200	css fonts.googleapis.com/	16 KB 2 KB	60ms 59ms	Stylesheet text/css	172.253.63.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap Requested by Host: formrequests.com URL: https://formrequests.com/ccpa/ccpa-app.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f95.1e100.net Software ESF / Resource Hash 9b941f94540dcb07a154305f1a7a6d6d92d495271e7d882028028a7facd566f7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://formrequests.com/ Response headers content-encoding gzip x-content-type-options nosniff expires Wed, 15 Jan 2025 04:11:13 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 15 Jan 2025 04:11:13 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Wed, 15 Jan 2025 02:27:47 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H3	200	favicon.ico lendingbearhug.com/images/favicons/	15 KB 4 KB	111ms 110ms	Other image/x-icon	45.141.59.95 IPCONNECT IP Conn...
General Check archive.org Show headers Download Go to Full URL https://lendingbearhug.com/images/favicons/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 45.141.59.95 Victoria, Seychelles, ASN213373 (IPCONNECT IP Connect Inc, SC), Reverse DNS fr-3ds.com Software LiteSpeed / Resource Hash 50914acc2702bfd9f608d194e9d71f75bf83537b4e4806e8ffb2b0d3e3a74eb9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lendingbearhug.com/ Response headers cache-control public, max-age=604800 content-encoding br expires Wed, 22 Jan 2025 04:11:14 GMT accept-ranges bytes content-length 4235 date Wed, 15 Jan 2025 04:11:14 GMT content-type image/x-icon last-modified Sun, 12 Jan 2025 10:27:06 GMT vary Accept-Encoding server LiteSpeed
GET H/1.1	200 OK	iframe.html d2m2wsoho8qq12.cloudfront.net/ Frame E3D1	0 0	488ms 43ms	Document text/html	99.86.227.13 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=107B2F67-56B4-4205-3701-2CAFF9718D85&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.15.1&lck=1EA1D51A-3E9B-D9E5-164A-F6E3F7FC55F5&lac=90A8CAE6-CC73-70E5-0C13-585FC92E8C5A Requested by Host: create.lidstatic.com URL: https://create.lidstatic.com/campaign/1ea1d51a-3e9b-d9e5-164a-f6e3f7fc55f5.js?snippet_version=2&callback=getlidtoken Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 99.86.227.13 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-227-13.iad79.r.cloudfront.net Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://lendingbearhug.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Headers * Access-Control-Allow-Origin * Age 75105 Connection keep-alive Content-Encoding gzip Content-Type text/html Date Tue, 14 Jan 2025 07:19:29 GMT Etag W/"676d948d-dbb" Last-Modified Thu, 26 Dec 2024 17:38:21 GMT Server nginx Strict-Transport-Security max-age=31536000; includeSubDomains; preload Transfer-Encoding chunked Via 1.1 fed66e6ba2cb68c8ee66c75c4798daf8.cloudfront.net (CloudFront) X-Amz-Cf-Id BEEeet3eDslAQUm3RpdeWIwf5lA0LbL9H0LuKzfEGLnpiPiEEJKlhQ== X-Amz-Cf-Pop IAD79-C3 X-Cache Hit from cloudfront
POST H2	200	SaveDom Show response create.leadid.com/2.15.1/	0 622 B	50ms 50ms	XHR text/plain	3.234.192.86 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://create.leadid.com/2.15.1/SaveDom?msn=2&pid=24dc337c-8838-40ed-bb1e-6aac6fffa9f9&token=107B2F67-56B4-4205-3701-2CAFF9718D85&_=832194552 Requested by Host: create.lidstatic.com URL: https://create.lidstatic.com/campaign/1ea1d51a-3e9b-d9e5-164a-f6e3f7fc55f5.js?snippet_version=2&callback=getlidtoken Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.234.192.86 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-234-192-86.compute-1.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Referer https://lendingbearhug.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload access-control-max-age 1728000 cache-control no-cache, must-revalidate content-encoding gzip expires Sat, 26 Jul 1997 05:00:00 GMT access-control-allow-origin * date Wed, 15 Jan 2025 04:11:14 GMT content-type text/plain;charset=UTF-8 server nginx access-control-allow-headers X-Requested-With, Content-Type
GET		/ consumertransferservice.com/hit/	0 0
OPTIONS H2	403	/ consumertransferservice.com/hit/ Frame	0 0	77ms 27ms	Preflight text/html	45.60.6.61 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://consumertransferservice.com/hit/?clienturl=https%3A//lendingbearhug.com/&rnd=0.6941347314342323&responsetype=json&o=480&ReferrerURL=&c=290914&sourceSubId=%3C%3Fphp%20echo%20%24source%3B%3F%3E Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.6.61 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type,mb-info-type Access-Control-Request-Method GET Origin https://lendingbearhug.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers cache-control no-cache, no-store content-length 865 content-type text/html x-iinfo 4-6546079-0 0NNN RT(1736914274652 25) q(0 -1 -1 -1) r(0 -1) B15(3,904709,0) U24
POST H2	200	Snap Show response create.leadid.com/2.15.1/	0 621 B	228ms 131ms	XHR text/plain	3.234.192.86 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://create.leadid.com/2.15.1/Snap?msn=3&pid=24dc337c-8838-40ed-bb1e-6aac6fffa9f9&token=107B2F67-56B4-4205-3701-2CAFF9718D85&_=832194553 Requested by Host: create.lidstatic.com URL: https://create.lidstatic.com/campaign/1ea1d51a-3e9b-d9e5-164a-f6e3f7fc55f5.js?snippet_version=2&callback=getlidtoken Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.234.192.86 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-234-192-86.compute-1.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Referer https://lendingbearhug.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload access-control-max-age 1728000 cache-control no-cache, must-revalidate content-encoding gzip expires Sat, 26 Jul 1997 05:00:00 GMT access-control-allow-origin * date Wed, 15 Jan 2025 04:11:15 GMT content-type text/plain;charset=UTF-8 server nginx access-control-allow-headers X-Requested-With, Content-Type
GET		/ consumertransferservice.com/hit/	0 0
OPTIONS H2	403	/ consumertransferservice.com/hit/ Frame	0 0	85ms 36ms	Preflight text/html	45.60.6.61 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://consumertransferservice.com/hit/?clienturl=https%3A//lendingbearhug.com/&rnd=0.6941347314342323&responsetype=json&o=480&ReferrerURL=&c=290914&sourceSubId=%3C%3Fphp%20echo%20%24source%3B%3F%3E Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.6.61 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type,mb-info-type Access-Control-Request-Method GET Origin https://lendingbearhug.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers cache-control no-cache, no-store content-length 865 content-type text/html x-iinfo 7-2611981-0 0NNN RT(1736914275731 35) q(0 -1 -1 -1) r(0 -1) B15(3,904709,0) U24
POST H2	201	log Show response cnsmrvrfy.com/	0 435 B	103ms 102ms	XHR text/plain	45.60.0.61 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://cnsmrvrfy.com/log Requested by Host: formrequests.com URL: https://formrequests.com/hit.core.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.0.61 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options Deny Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type application/json Referer https://lendingbearhug.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload x-iinfo 18-27051517-27039044 pNNy RT(1736914276437 198) q(0 0 0 0) r(0 0) U24 content-security-policy upgrade-insecure-requests x-cdn Imperva access-control-allow-credentials true x-content-type-options nosniff referrer-policy no-referrer permissions-policy accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() access-control-allow-origin https://lendingbearhug.com content-length 0 date Wed, 15 Jan 2025 04:11:16 GMT vary Origin x-frame-options Deny
OPTIONS H2	204	log cnsmrvrfy.com/ Frame	0 0	264ms 104ms	Preflight	45.60.0.61 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://cnsmrvrfy.com/log Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.0.61 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options Deny Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://lendingbearhug.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin https://lendingbearhug.com content-security-policy upgrade-insecure-requests date Wed, 15 Jan 2025 04:11:16 GMT permissions-policy accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() referrer-policy no-referrer strict-transport-security max-age=31536000; includeSubDomains; preload vary Origin x-cdn Imperva x-content-type-options nosniff x-frame-options Deny x-iinfo 18-27051517-27039044 pNNy RT(1736914276437 98) q(0 0 0 0) r(0 0) U24
GET H2	200	GetSplitTestForm Show response cnsmrvrfy.com/misc/	44 B 563 B	108ms 107ms	Fetch application/json	45.60.0.61 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://cnsmrvrfy.com/misc/GetSplitTestForm?campId=290914&mainForm=1q_pd_im&theme=theme3 Requested by Host: formrequests.com URL: https://formrequests.com/installment36/1q_ac/form-loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.0.61 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 8c03e99b9abd353691003613c51f823be11ef62eb79f4678fcbe66809c47b39e Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options Deny Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lendingbearhug.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload x-iinfo 18-27051517-27039044 pNNy RT(1736914276437 1696) q(0 0 0 0) r(1 1) U24 content-security-policy upgrade-insecure-requests access-control-expose-headers timestamp,date x-cdn Imperva access-control-allow-credentials true x-content-type-options nosniff referrer-policy no-referrer permissions-policy accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=() access-control-allow-origin https://lendingbearhug.com content-length 44 date Wed, 15 Jan 2025 04:11:18 GMT content-type application/json; charset=utf-8 vary Origin x-frame-options Deny
GET H2	200	theme3.css formrequests.com/installment36/1q_ac/	72 KB 20 KB	198ms 197ms	Stylesheet text/css	104.26.1.247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://formrequests.com/installment36/1q_ac/theme3.css Requested by Host: formrequests.com URL: https://formrequests.com/installment36/1q_ac/form-loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.1.247 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 42204ea9173d0b5cad316dd1000963121262336bc5209323ba584bb32dfa11bd Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lendingbearhug.com/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"67810560-1201c" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UIKO%2F%2BLniB%2FzMGLQLUvNbCxHTVXZhln0CWrLT8VM2Kqg0fnImP4ZEek2O%2Fs3o8Za6nGgR4%2BoesCgSS5VLtgILc%2BUAJh8ueBFTQjLe%2FdkQJdOfGzfnG%2F%2FdmGXKxuN9tKbzMo%3D"}],"group":"cf-nel","max_age":604800} cf-ray 90230562cf3e36a1-YYZ access-control-allow-origin * server-timing cfL4;desc="?proto=TCP&rtt=26199&min_rtt=23000&rtt_var=4205&sent=90&recv=51&lost=0&retrans=8&sent_bytes=83255&recv_bytes=2759&delivery_rate=164630&cwnd=50&unsent_bytes=23161&cid=302b4b9bd7cf581a&ts=5695&x=0" date Wed, 15 Jan 2025 04:11:18 GMT content-type text/css last-modified Fri, 10 Jan 2025 11:32:48 GMT vary Accept-Encoding server cloudflare
GET		app.js formrequests.com/installment36/1q_ac/	0 0
GET H2	200	async.css formrequests.com/installment36/1q_ac/	14 KB 9 KB	37ms 37ms	Stylesheet text/css	104.26.1.247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://formrequests.com/installment36/1q_ac/async.css Requested by Host: formrequests.com URL: https://formrequests.com/installment36/1q_ac/form-loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.1.247 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7270c2feff9be5d497127bbee70f909153b7bc15d72745ea36df46b9f26b0941 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://lendingbearhug.com/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status HIT etag W/"67810560-363a" age 5902 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pdgKya82WVKEDXj5N1Zb801m5Fvx3XZ25Fw80ivQj%2FmXsV9waBeZZTWcMp%2BWQhYJNSrH2OFn3S5zVtubHGghH6os%2FXfYCc6HcWIM5UpVuLitdrotKfAQti2PMx4wUp7HJ4c%3D"}],"group":"cf-nel","max_age":604800} cf-ray 90230562cf4036a1-YYZ access-control-allow-origin * server-timing cfL4;desc="?proto=TCP&rtt=31249&min_rtt=23000&rtt_var=12510&sent=70&recv=41&lost=0&retrans=6&sent_bytes=60989&recv_bytes=2724&delivery_rate=191627&cwnd=50&unsent_bytes=0&cid=302b4b9bd7cf581a&ts=5596&x=0" date Wed, 15 Jan 2025 04:11:18 GMT content-type text/css last-modified Fri, 10 Jan 2025 11:32:48 GMT vary Accept-Encoding server cloudflare
GET H3	200	css fonts.googleapis.com/	3 KB 603 B	60ms 59ms	Stylesheet text/css	172.253.63.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:400,600 Requested by Host: formrequests.com URL: https://formrequests.com/installment36/1q_ac/theme3.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f95.1e100.net Software ESF / Resource Hash 63dbe8f39595cc100cd2465bc617b8858e60de07915d6bf6474309a47c057793 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://formrequests.com/ Response headers content-encoding gzip x-content-type-options nosniff expires Wed, 15 Jan 2025 04:11:19 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 15 Jan 2025 04:11:19 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Wed, 15 Jan 2025 02:33:14 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET		JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v29/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

consumertransferservice.com

URL

https://consumertransferservice.com/hit/?clienturl=https%3A//lendingbearhug.com/&rnd=0.6941347314342323&responsetype=json&o=480&ReferrerURL=&c=290914&sourceSubId=%3C%3Fphp%20echo%20%24source%3B%3F%3E

Domain

consumertransferservice.com

URL

https://consumertransferservice.com/hit/?clienturl=https%3A//lendingbearhug.com/&rnd=0.6941347314342323&responsetype=json&o=480&ReferrerURL=&c=290914&sourceSubId=%3C%3Fphp%20echo%20%24source%3B%3F%3E

Domain

consumertransferservice.com

URL

https://consumertransferservice.com/hit/?clienturl=https%3A//lendingbearhug.com/&rnd=0.6941347314342323&responsetype=json&o=480&ReferrerURL=&c=290914&sourceSubId=%3C%3Fphp%20echo%20%24source%3B%3F%3E

Domain

formrequests.com

URL

https://formrequests.com/installment36/1q_ac/app.js?v=498272603

Domain

fonts.gstatic.com

URL

https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| lmpost boolean| __Zone_disable_IE_check object| __jsf__ function| __jsf__themeResolver number| timeJSForms function| getlidtoken object| __jsf__Cnsmrvrfy function| hitregistersuccess boolean| hitcorejsalreadyfired function| __jsf__registerHit boolean| __jsf__initFp object| dataLayer boolean| __ccpa_init__ object| __ccpa__ object| LeadiD function| $ function| jQuery string| __jsf__jornayaUid object| defaultStyleFrame

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			lendingbearhug.com/	1969-12-31 23:59:59	Name: lm_campid Value: 290914
			.cnsmrvrfy.com/	1969-12-31 23:59:59	Name: nlbi_2118974 Value: MMC2B4YgcUsJLPlTqnjY6wAAAABtwyvuh7/IykFrrcLL5rWS
			.cnsmrvrfy.com/	1970-01-21 11:12:53	Name: visid_incap_2118974 Value: oJiO+Xm9TrufPf53nAL0b2A1h2cAAAAAQUIPAAAAAAD5hQbD8nd0ENyJ49YOjvxs
			.cnsmrvrfy.com/	1969-12-31 23:59:59	Name: incap_ses_410_2118974 Value: BEJ+Bk5HGzEOTZF1CZ2wBWA1h2cAAAAA4/VAOV7sdqRNZAd7WtUaUQ==
			lendingbearhug.com/	1970-01-21 02:28:35	Name: leadid_token-90A8CAE6-CC73-70E5-0C13-585FC92E8C5A-1EA1D51A-3E9B-D9E5-164A-F6E3F7FC55F5 Value: 107B2F67-56B4-4205-3701-2CAFF9718D85
			.trueleadid.com/	1969-12-31 23:59:59	Name: nlbi_3051494 Value: JTecXHKx7VPsGivrC30iGwAAAABrHdBJCUe5+hFVCU4/F8jY
			.trueleadid.com/	1970-01-21 11:12:51	Name: visid_incap_3051494 Value: C8M4ZLz/SsqIUtdvf8NJW2M1h2cAAAAAQUIPAAAAAAAv2c4lezVftbcgnCaMn+EY
			.trueleadid.com/	1969-12-31 23:59:59	Name: incap_ses_461_3051494 Value: 9EOvFArd6H1PwmBHRM1lBmM1h2cAAAAAovyKbeE8N/Fcjo5Ltja8JA==
			.deviceid.trueleadid.com/	1970-01-21 12:04:34	Name: uuid Value: c7a125fc41f7479c97d1a0a4e679059e

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://lendingbearhug.com/ Message: Access to XMLHttpRequest at 'https://consumertransferservice.com/hit/?clienturl=https%3A//lendingbearhug.com/&rnd=0.6941347314342323&responsetype=json&o=480&ReferrerURL=&c=290914&sourceSubId=%3C%3Fphp%20echo%20%24source%3B%3F%3E' from origin 'https://lendingbearhug.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://consumertransferservice.com/hit/?clienturl=https%3A//lendingbearhug.com/&rnd=0.6941347314342323&responsetype=json&o=480&ReferrerURL=&c=290914&sourceSubId=%3C%3Fphp%20echo%20%24source%3B%3F%3E Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://lendingbearhug.com/ Message: Access to XMLHttpRequest at 'https://consumertransferservice.com/hit/?clienturl=https%3A//lendingbearhug.com/&rnd=0.6941347314342323&responsetype=json&o=480&ReferrerURL=&c=290914&sourceSubId=%3C%3Fphp%20echo%20%24source%3B%3F%3E' from origin 'https://lendingbearhug.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://consumertransferservice.com/hit/?clienturl=https%3A//lendingbearhug.com/&rnd=0.6941347314342323&responsetype=json&o=480&ReferrerURL=&c=290914&sourceSubId=%3C%3Fphp%20echo%20%24source%3B%3F%3E Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://lendingbearhug.com/ Message: Access to XMLHttpRequest at 'https://consumertransferservice.com/hit/?clienturl=https%3A//lendingbearhug.com/&rnd=0.6941347314342323&responsetype=json&o=480&ReferrerURL=&c=290914&sourceSubId=%3C%3Fphp%20echo%20%24source%3B%3F%3E' from origin 'https://lendingbearhug.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://consumertransferservice.com/hit/?clienturl=https%3A//lendingbearhug.com/&rnd=0.6941347314342323&responsetype=json&o=480&ReferrerURL=&c=290914&sourceSubId=%3C%3Fphp%20echo%20%24source%3B%3F%3E Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.cnsmrvrfy.com
cnsmrvrfy.com
consumertransferservice.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
formrequests.com
lendingbearhug.com
thumb-service.com
consumertransferservice.com
fonts.gstatic.com
formrequests.com
104.22.38.182
104.26.1.247
142.251.179.94
172.253.63.95
3.234.192.86
34.102.112.11
45.141.59.95
45.60.0.61
45.60.6.61
99.86.227.13
00297d01e5fa5db19f6868499a1149517d137a98688abc6319d2fcb40208f678
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
2d6abded2f31041f513a81b088634d351d561910799a3b8663d418f614bbbaa3
331351e17fb4a6102dc8d3b64066293197850e42fe1299879dc5697c61c80e3a
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
40099b253d2bdd314a299a3195a0ffaa2c6c164908f001ce6c2daede8e5b1394
42204ea9173d0b5cad316dd1000963121262336bc5209323ba584bb32dfa11bd
50914acc2702bfd9f608d194e9d71f75bf83537b4e4806e8ffb2b0d3e3a74eb9
52b301d92d97c13c85f923855fa6e8a0244378f5f39a9c2a7708e9c728737e77
593cb6a99ee681518baa0300381b64e7831df168d763b0d756643372674b5cee
63dbe8f39595cc100cd2465bc617b8858e60de07915d6bf6474309a47c057793
6ced16b068aeaee86658ed8e1f8c2195f632ab54002f851fff33fab3f525c365
7270c2feff9be5d497127bbee70f909153b7bc15d72745ea36df46b9f26b0941
784596e67def2863400e4536ffc89c09182e487fa18747749cf434ed0c277cd5
8116500852ca332f46f1b420df36dfb1860f9028dd1c3d9bb65fc9aefa75ee4d
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8c03e99b9abd353691003613c51f823be11ef62eb79f4678fcbe66809c47b39e
997ae7b056327a1252272cf97598b338618c5eb825a9f5bd1d324e088db60256
9b941f94540dcb07a154305f1a7a6d6d92d495271e7d882028028a7facd566f7
d1e9193832ce79eae43af3afd8579b3f6139382c02b3a70e4431df137210d3b5
d51289799070c8f29368e8dc38a21386fbc5d34ebee964f5676ce6f9cd9c63a3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee99dee71501dd59e8dbdebe81122602d5b4a3f440382a1167ec2c2e0c636ff9
f463703513537f55801bcd1d61e5c610af13cc88fc0b87c2ea7521065bf393d9
f6cbcdbcd02c6b17c4382e6d027ccaea4ff5e146fa2a5e8283fb991b3924dae5