URL: http://bear0w0.pro/
Submission: On June 24 via api from US — Scanned from DE

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 17 HTTP transactions. The main IP is 221.124.197.44, located in Hong Kong and belongs to HUTCHISON-AS-AP HGC Global Communications Limited, HK. The main domain is bear0w0.pro.
This is the only time bear0w0.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 221.124.197.44 9304 (HUTCHISON...)
1 104.18.19.244 13335 (CLOUDFLAR...)
1 2600:9000:223... 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a02:26f0:310... 20940 (AKAMAI-ASN1)
1 104.16.21.118 13335 (CLOUDFLAR...)
1 2a02:ec80:300... 14907 (WIKIMEDIA)
1 2 198.204.228.67 33387 (NOCIX)
1 2 74.125.34.46 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
17 13
Apex Domain
Subdomains
Transfer
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 71
region1.google-analytics.com — Cisco Umbrella Rank: 2355
21 KB
3 mzstatic.com
is2-ssl.mzstatic.com — Cisco Umbrella Rank: 6622
9 KB
2 virustotal.com
www.virustotal.com — Cisco Umbrella Rank: 53625
3 KB
2 teahub.io
www.teahub.io — Cisco Umbrella Rank: 773106
3 MB
2 bear0w0.pro
bear0w0.pro
4 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
93 KB
1 wikimedia.org
upload.wikimedia.org — Cisco Umbrella Rank: 3915
244 KB
1 pcmag.com
i.pcmag.com — Cisco Umbrella Rank: 89301
5 KB
1 haveibeenpwned.com
haveibeenpwned.com — Cisco Umbrella Rank: 208955
7 KB
1 uscis.gov
www.uscis.gov — Cisco Umbrella Rank: 49550
48 KB
1 jtvnw.net
static-cdn.jtvnw.net — Cisco Umbrella Rank: 9162
25 KB
1 facepunch.com
wiki.facepunch.com
2 KB
17 12
Domain Requested by
3 is2-ssl.mzstatic.com bear0w0.pro
2 www.google-analytics.com bear0w0.pro
www.google-analytics.com
2 www.virustotal.com 1 redirects bear0w0.pro
2 www.teahub.io 1 redirects bear0w0.pro
2 bear0w0.pro
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.google-analytics.com
1 upload.wikimedia.org bear0w0.pro
1 i.pcmag.com bear0w0.pro
1 haveibeenpwned.com bear0w0.pro
1 www.uscis.gov bear0w0.pro
1 static-cdn.jtvnw.net bear0w0.pro
1 wiki.facepunch.com bear0w0.pro
17 13
Subject | Issuer | Validity | Valid
facepunch.com | E6 | 2024-06-09 - 2024-09-07 | 3 months
static-cdn.jtvnw.net | Amazon RSA 2048 M02 | 2024-02-11 - 2025-03-11 | a year
haveibeenpwned.com | E1 | 2024-05-08 - 2024-08-06 | 3 months
*.google-analytics.com | WR2 | 2024-06-03 - 2024-08-26 | 3 months

This page contains 1 frame:

Primary Page: http://bear0w0.pro/
Frame ID: E147BAD7C9E7C3104BAACA4437D45030
Requests: 17 HTTP requests in this frame

Page Title

© TharinO_O Website

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

17
Requests

35 %
HTTPS

62 %
IPv6

12
Domains

13
Subdomains

13
IPs

4
Countries

3198 kB
Transfer

3400 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bear0w0.pro/ HTTP 307
    https://bear0w0.pro/ HTTP 307
    http://bear0w0.pro/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://www.uscis.gov/sites/default/files/images/topic-landing/USCIS_Online-Tools_241x161_V1%402x.png HTTP 307
  • https://www.uscis.gov/sites/default/files/images/topic-landing/USCIS_Online-Tools_241x161_V1%402x.png
Request Chain 6
  • http://i.pcmag.com/imagery/reviews/05JPSXpKxx9c5oL8wwZMAkX-27..1622837895.png HTTP 307
  • https://i.pcmag.com/imagery/reviews/05JPSXpKxx9c5oL8wwZMAkX-27..1622837895.png
Request Chain 8
  • http://upload.wikimedia.org/wikipedia/commons/thumb/1/1f/Tools.svg/1200px-Tools.svg.png HTTP 307
  • https://upload.wikimedia.org/wikipedia/commons/thumb/1/1f/Tools.svg/1200px-Tools.svg.png
Request Chain 9
  • http://www.teahub.io/photos/full/97-972894_free-download-game-pc-offline-windows-7.png HTTP 301
  • https://www.teahub.io/photos/full/97-972894_free-download-game-pc-offline-windows-7.png
Request Chain 10
  • http://www.virustotal.com/gui/images/thumbprint.png HTTP 302
  • https://www.virustotal.com/gui/images/thumbprint.png
Request Chain 11
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bear0w0.pro/
Redirect Chain
  • http://bear0w0.pro/
  • https://bear0w0.pro/
  • http://bear0w0.pro/
6 KB
2 KB
Document
General
Full URL
http://bear0w0.pro/
Protocol
HTTP/1.1
Server
221.124.197.44 , Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
194675de7d41991adb438d1f594b137df33c05e4c1dabecd21297840d4aa097b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 24 Jun 2024 13:13:18 GMT
Keep-Alive
timeout=20
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Location
http://bear0w0.pro/
Non-Authoritative-Reason
HttpsUpgrades
JodREY1zTjWBVnPepvx61z0haaQ.js
wiki.facepunch.com/cdn-cgi/apps/head/
6 KB
2 KB
Script
General
Full URL
https://wiki.facepunch.com/cdn-cgi/apps/head/JodREY1zTjWBVnPepvx61z0haaQ.js
Requested by
Host: bear0w0.pro
URL: http://bear0w0.pro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee6921d4f67a2d8b58dd472f46fd979d8b371b70227c72e0aa62194346a7a489

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
http://bear0w0.pro/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 13:13:19 GMT
content-encoding
gzip
x-amz-version-id
iin5wqvXwtdZHJtep0rbVbOqstRl2SDd
cf-cache-status
MISS
x-amz-request-id
GX68KV17Z5J24EEV
alt-svc
h3=":443"; ma=86400
content-length
2024
x-amz-id-2
qHe0j7drUBsRzOpOeSlIXtj3k3q9gUTpXSJahOJ1bzpudOzelSyoJnKlIvpsjdyMXCLJCqQLiW8=
last-modified
Mon, 24 Jul 2017 18:55:14 GMT
server
cloudflare
etag
"f24b5dfe5b12bfff41552217454a4fb4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
898cf975fb5a4daa-FRA
expires
Tue, 24 Jun 2025 13:13:19 GMT
fd52a947-1da8-4a37-b30a-07883bbf5421-profile_image-300x300.jpeg
static-cdn.jtvnw.net/jtv_user_pictures/
24 KB
25 KB
Image
General
Full URL
https://static-cdn.jtvnw.net/jtv_user_pictures/fd52a947-1da8-4a37-b30a-07883bbf5421-profile_image-300x300.jpeg
Requested by
Host: bear0w0.pro
URL: http://bear0w0.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:fa00:19:f28c:cd92:c761 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
fc5ae3de6fa1b358cac00e2e1d993549f83006a88aa7821ab3dc2ed5936693f4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
http://bear0w0.pro/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 13:13:19 GMT
via
1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
content-length
24985
last-modified
Thu, 28 Jul 2022 11:58:27 GMT
server
nginx
etag
"3cedb4e081e291fb5284a61eb437b675"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
timing-allow-origin
https://www.twitch.tv
x-amz-cf-id
omuYh-VIWVRlwtN3D7_X2GZ2fwMSLG5aYgtE87W598VHG7y8Y9vA5w==
expires
Mon, 24 Jun 2024 17:13:19 GMT
USCIS_Online-Tools_241x161_V1%402x.png
www.uscis.gov/sites/default/files/images/topic-landing/
Redirect Chain
  • http://www.uscis.gov/sites/default/files/images/topic-landing/USCIS_Online-Tools_241x161_V1%402x.png
  • https://www.uscis.gov/sites/default/files/images/topic-landing/USCIS_Online-Tools_241x161_V1%402x.png
47 KB
48 KB
Image
General
Full URL
https://www.uscis.gov/sites/default/files/images/topic-landing/USCIS_Online-Tools_241x161_V1%402x.png
Requested by
Host: bear0w0.pro
URL: http://bear0w0.pro/
Protocol
H2
Server
2a02:26f0:3500:88c::1cc7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
13f293c58b34819c7777d4b00a31d9e8a1092d3ccad879d4c8b67ce2c191f2fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
http://bear0w0.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 24 Jun 2024 13:13:19 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-content-type-options
nosniff
x-wcm-h
PUP7W11
last-modified
Fri, 28 Aug 2020 16:16:12 GMT
server
Apache
etag
"bdb4-5adf25f119e89"
content-type
image/png
cache-control
max-age=252969
accept-ranges
bytes
content-length
48564
expires
Thu, 27 Jun 2024 11:29:28 GMT

Redirect headers

Location
https://www.uscis.gov/sites/default/files/images/topic-landing/USCIS_Online-Tools_241x161_V1%402x.png
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
SocialLogo.png
haveibeenpwned.com/Content/Images/
6 KB
7 KB
Image
General
Full URL
https://haveibeenpwned.com/Content/Images/SocialLogo.png
Requested by
Host: bear0w0.pro
URL: http://bear0w0.pro/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7b21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
386498ad611d6426437132e0ad00eeec0c2a03d31c27dad0d56eb87fc13cb7c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
http://bear0w0.pro/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 13:13:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
762
cf-polished
origFmt=png, origSize=11668
content-disposition
inline; filename="SocialLogo.webp"
content-length
6386
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:85,h2pri
last-modified
Tue, 04 Jun 2024 01:09:44 GMT
server
cloudflare
etag
"0bc6ce21bb6da1:0"
vary
Accept
x-frame-options
DENY
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
898cf9774ff2bbbc-FRA
230x0w.webp
is2-ssl.mzstatic.com/image/thumb/Purple125/v4/5d/d2/d3/5dd2d32c-077e-501c-a901-b65dcb555bea/logo_youtube_color-0-0-1x_U007emarketing-0-0-0-6-0-0-sRGB-0-0-0-GLES2_U002c0-512MB-85-220-0-0.png/
2 KB
3 KB
Image
General
Full URL
http://is2-ssl.mzstatic.com/image/thumb/Purple125/v4/5d/d2/d3/5dd2d32c-077e-501c-a901-b65dcb555bea/logo_youtube_color-0-0-1x_U007emarketing-0-0-0-6-0-0-sRGB-0-0-0-GLES2_U002c0-512MB-85-220-0-0.png/230x0w.webp
Requested by
Host: bear0w0.pro
URL: http://bear0w0.pro/
Protocol
HTTP/1.1
Server
2a02:26f0:3100:487::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
daiquiri/5 /
Resource Hash
b7583f5e345518641e1a055fd80ec67db8091551d295ad90afcb036c122ff133
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
http://bear0w0.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-apple-jingle-correlation-key
7EFQ5EUMI3V3NEX3GXBXU3POFM
Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 24 Jun 2024 13:13:19 GMT
X-B3-TraceId
4592d0ded10a491b
x-daiquiri-instance
daiquiri:13624002:mr85p00it-hyhk03094901:7987:24RELEASE127:daiquiri-amp-processing-shared-int-001-mr, daiquiri:11338003:mr47p00it-qujn05120301:7987:24HOTFIX11:daiquiri-amp-all-l7shared-int-001-mr
CDNUUID
daf5fa0b-4c4c-46e5-b5c9-cbfb92a720f3-5884952303
X-Cache
TCP_MISS from a23-53-43-143.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-b3-parentspanid
5ed20662262c2b18
b3
f90b0e928c46ebb692fb35c37a6dee2b-753d65b3efc1bac4
Connection
keep-alive
Content-Length
1614
apple-tk
false
Server
daiquiri/5
apple-seq
0.0
Last-Modified
Sun, 03 Sep 2023 10:28:59 GMT
X-Cache-Remote
TCP_MISS from a2-20-179-96.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-), TCP_HIT from a2-20-179-96.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
ETag
"MSwxLjcyLjEtMjNKLFZlcnNpb24gMTMuNCAoQnVpbGQgMjJGNjYpLDE2OTM3MzY5MzkzMjYsaXNCdWlsZFZlcnNpb25Ob3RTZXQsYjgzNGEwNmMsbm9FZmZlY3Q="
apple-originating-system
UnknownOriginatingSystem
Content-Type
image/webp
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid
f90b0e92-8c46-ebb6-92fb-35c37a6dee2b
x-b3-spanid
753d65b3efc1bac4
Cache-Control
no-transform, max-age=721140
Timing-Allow-Origin
*
230x0w.webp
is2-ssl.mzstatic.com/image/thumb/Purple125/v4/eb/78/a7/eb78a7b4-0eda-bbf6-0145-1ecee81e9946/AppIcon-0-0-1x_U007emarketing-0-0-0-7-0-0-sRGB-0-0-0-GLES2_U002c0-512MB-85-220-0-0.png/
2 KB
3 KB
Image
General
Full URL
http://is2-ssl.mzstatic.com/image/thumb/Purple125/v4/eb/78/a7/eb78a7b4-0eda-bbf6-0145-1ecee81e9946/AppIcon-0-0-1x_U007emarketing-0-0-0-7-0-0-sRGB-0-0-0-GLES2_U002c0-512MB-85-220-0-0.png/230x0w.webp
Requested by
Host: bear0w0.pro
URL: http://bear0w0.pro/
Protocol
HTTP/1.1
Server
2a02:26f0:3100:487::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
daiquiri/5 /
Resource Hash
7c9ebc96891193f2f25a8499d17aa8e8dc63caa09762e6f6833dc2712a5906c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
http://bear0w0.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-apple-jingle-correlation-key
XQQ2TQS5ALKL35N763VRYHL4DU
Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 24 Jun 2024 13:13:19 GMT
X-B3-TraceId
5f5c3cde97cb0b45
x-daiquiri-instance
daiquiri:13624002:mr85p00it-hyhk03094901:7987:24RELEASE127:daiquiri-amp-processing-shared-int-001-mr, daiquiri:11338002:mr47p00it-qujn02122102:7987:24HOTFIX11:daiquiri-amp-all-l7shared-int-001-mr
CDNUUID
c6c7bd78-7db7-4696-ae39-bacf4c542cb2-5751937586
X-Cache
TCP_MISS from a23-53-43-133.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-b3-parentspanid
f7c5400b08ea2534
b3
bc21a9c25d02d4bdf5bff6eb1c1d7c1d-9ce7fc921e319329
Connection
keep-alive
Content-Length
1954
apple-tk
false
Server
daiquiri/5
apple-seq
0.0
Last-Modified
Tue, 12 Sep 2023 06:15:55 GMT
X-Cache-Remote
TCP_MISS from a2-20-179-68.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-), TCP_HIT from a2-20-179-68.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
ETag
"MSwxLjcyLjYtMjNMLFZlcnNpb24gMTMuNS4yIChCdWlsZCAyMkc5MSksMTY5NDQ5OTM1NTYwNSxpc0J1aWxkVmVyc2lvbk5vdFNldCw3MTBlY2NiYyxub0VmZmVjdA=="
apple-originating-system
UnknownOriginatingSystem
Content-Type
image/webp
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid
bc21a9c2-5d02-d4bd-f5bf-f6eb1c1d7c1d
x-b3-spanid
9ce7fc921e319329
Cache-Control
no-transform, max-age=791391
Timing-Allow-Origin
*
05JPSXpKxx9c5oL8wwZMAkX-27..1622837895.png
i.pcmag.com/imagery/reviews/
Redirect Chain
  • http://i.pcmag.com/imagery/reviews/05JPSXpKxx9c5oL8wwZMAkX-27..1622837895.png
  • https://i.pcmag.com/imagery/reviews/05JPSXpKxx9c5oL8wwZMAkX-27..1622837895.png
4 KB
5 KB
Image
General
Full URL
https://i.pcmag.com/imagery/reviews/05JPSXpKxx9c5oL8wwZMAkX-27..1622837895.png
Requested by
Host: bear0w0.pro
URL: http://bear0w0.pro/
Protocol
H3
Server
104.16.21.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fc4314aeaaf699ba61627542159f1c8f52547d69c59d63309e93324a7cb010e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
http://bear0w0.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 24 Jun 2024 13:13:19 GMT
strict-transport-security
max-age=15724800; includeSubDomains
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
cf-bgj
imgq:85,h2pri
last-modified
Mon, 24 Jun 2024 08:28:55 GMT
server
cloudflare
cf-polished
origFmt=png, origSize=7786
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
content-disposition
inline; filename="05JPSXpKxx9c5oL8wwZMAkX-27.webp"
cf-ray
898cf978bb265b38-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 24 Jun 2025 13:13:19 GMT

Redirect headers

Location
https://i.pcmag.com/imagery/reviews/05JPSXpKxx9c5oL8wwZMAkX-27..1622837895.png
Non-Authoritative-Reason
DNS
Cross-Origin-Resource-Policy
Cross-Origin
230x0w.webp
is2-ssl.mzstatic.com/image/thumb/Purple125/v4/9b/a9/1c/9ba91c2e-e476-4d0b-99ef-72ca1d5f141b/TwitchAppIcon-0-0-1x_U007emarketing-0-0-0-7-0-0-sRGB-0-0-0-GLES2_U002c0-512MB-85-220-0-0.png/
1 KB
3 KB
Image
General
Full URL
http://is2-ssl.mzstatic.com/image/thumb/Purple125/v4/9b/a9/1c/9ba91c2e-e476-4d0b-99ef-72ca1d5f141b/TwitchAppIcon-0-0-1x_U007emarketing-0-0-0-7-0-0-sRGB-0-0-0-GLES2_U002c0-512MB-85-220-0-0.png/230x0w.webp
Requested by
Host: bear0w0.pro
URL: http://bear0w0.pro/
Protocol
HTTP/1.1
Server
2a02:26f0:3100:487::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
daiquiri/5 /
Resource Hash
e10177d309fc7cd9a3df7545c536ecc9b38a3779e20a0cbc145676abc8d57ca2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
http://bear0w0.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-apple-jingle-correlation-key
2LVZELP6N52K33YJWKBD25JKVE
Strict-Transport-Security
max-age=31536000; includeSubDomains
Date
Mon, 24 Jun 2024 13:13:19 GMT
x-b3-traceid
ad7439e622caa7a3
x-daiquiri-instance
daiquiri:33624002:pv50p00it-hyhk12033901:7987:24RELEASE127:daiquiri-amp-processing-shared-int-001-pv, daiquiri:31338002:pv52p00it-qujn10213502:7987:24RELEASE127:daiquiri-amp-all-l7shared-int-001-pv
CDNUUID
c69fcde3-4b8e-411f-a73a-870ffa1290a7-5811787047
X-Cache
TCP_MISS from a23-53-43-118.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
x-b3-parentspanid
3f8be17954ee9a07
b3
d2eb922dfe6f74adef09b2823d752aa9-d059a056ad4abff1
Connection
keep-alive
Content-Length
1208
apple-tk
false
Server
daiquiri/5
apple-seq
0.0
Last-Modified
Mon, 31 Jul 2023 21:29:18 GMT
X-Cache-Remote
TCP_MISS from a23-206-213-215.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-), TCP_HIT from a23-206-213-215.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-)
ETag
"MSwxLjcyLjAtMjNKLFZlcnNpb24gMTIuMSAoQnVpbGQgMjFDNTIpLDE2OTA4Mzg5NTg5NzEsaXNCdWlsZFZlcnNpb25Ob3RTZXQsNzAyMzMsbm9FZmZlY3Q="
apple-originating-system
UnknownOriginatingSystem
Content-Type
image/webp
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid
d2eb922d-fe6f-74ad-ef09-b2823d752aa9
x-b3-spanid
d059a056ad4abff1
Cache-Control
no-transform, max-age=634666
Timing-Allow-Origin
*
1200px-Tools.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/1/1f/Tools.svg/
Redirect Chain
  • http://upload.wikimedia.org/wikipedia/commons/thumb/1/1f/Tools.svg/1200px-Tools.svg.png
  • https://upload.wikimedia.org/wikipedia/commons/thumb/1/1f/Tools.svg/1200px-Tools.svg.png
243 KB
244 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/commons/thumb/1/1f/Tools.svg/1200px-Tools.svg.png
Requested by
Host: bear0w0.pro
URL: http://bear0w0.pro/
Protocol
H2
Server
2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
envoy /
Resource Hash
7b287ecdd30daca8f6bd1ed4b5b3c0da477fac7559c05a7ee7a1a4cafa4a91ab
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
http://bear0w0.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 24 Jun 2024 13:13:19 GMT
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-content-type-options
nosniff
nel
{ "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age
0
x-cache-status
hit-local
x-cache
cp3074 hit, cp3074 miss
server-timing
cache;desc="hit-local", host;desc="cp3074"
content-length
248571
x-client-ip
2a01:4a0:5a::10
last-modified
Thu, 24 Oct 2013 20:17:25 GMT
server
envoy
etag
05d640ae7a92e6a657279710dd821b1b
report-to
{ "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

Location
https://upload.wikimedia.org/wikipedia/commons/thumb/1/1f/Tools.svg/1200px-Tools.svg.png
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
97-972894_free-download-game-pc-offline-windows-7.png
www.teahub.io/photos/full/
Redirect Chain
  • http://www.teahub.io/photos/full/97-972894_free-download-game-pc-offline-windows-7.png
  • https://www.teahub.io/photos/full/97-972894_free-download-game-pc-offline-windows-7.png
3 MB
3 MB
Image
General
Full URL
https://www.teahub.io/photos/full/97-972894_free-download-game-pc-offline-windows-7.png
Requested by
Host: bear0w0.pro
URL: http://bear0w0.pro/
Protocol
HTTP/1.1
Server
198.204.228.67 , United States, ASN33387 (NOCIX, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
91aaf934e90f72b408091876ba6f56f742ca6753ba7317ea2593e6691bc0de5e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
http://bear0w0.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 24 Jun 2024 13:13:20 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Dec 2019 08:03:39 GMT
Server
nginx/1.14.0
ETag
W/"5df345db-2acc37"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/png
Connection
keep-alive

Redirect headers

Location
https://www.teahub.io/photos/full/97-972894_free-download-game-pc-offline-windows-7.png
Date
Mon, 24 Jun 2024 13:13:19 GMT
Server
nginx/1.14.0
Connection
keep-alive
Content-Length
185
Content-Type
text/html
thumbprint.png
www.virustotal.com/gui/images/
Redirect Chain
  • http://www.virustotal.com/gui/images/thumbprint.png
  • https://www.virustotal.com/gui/images/thumbprint.png
2 KB
3 KB
Image
General
Full URL
https://www.virustotal.com/gui/images/thumbprint.png
Requested by
Host: bear0w0.pro
URL: http://bear0w0.pro/
Protocol
H2
Server
74.125.34.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ghs-vip-any-c46.ghs-ssl.googlehosted.com
Software
Google Frontend /
Resource Hash
4c4ac926b92239fec74ac5ff4e3bade9949634a38707a0a7a6b8e111236e9305

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
http://bear0w0.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Mon, 24 Jun 2024 13:14:19 GMT
date
Mon, 24 Jun 2024 13:13:19 GMT
cache-control
public, max-age=60
x-cloud-trace-context
047109e481e205df742e84846f73f43a
server
Google Frontend
etag
"7Osrsw"
content-type
image/png

Redirect headers

Location
https://www.virustotal.com/gui/images/thumbprint.png
X-Cloud-Trace-Context
84db2d1c4b0192358e2772d2a20842b1
Date
Mon, 24 Jun 2024 13:13:19 GMT
Server
Google Frontend
Content-Length
0
Content-Type
text/html
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: bear0w0.pro
URL: http://bear0w0.pro/
Protocol
H2
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
http://bear0w0.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 24 Jun 2024 11:41:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5536
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 24 Jun 2024 13:41:03 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
collect
www.google-analytics.com/j/
15 B
217 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=859767924&t=pageview&_s=1&dl=http%3A%2F%2Fbear0w0.pro%2F&ul=de-de&de=UTF-8&dt=%C2%A9%20TharinO_O%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=707192422&gjid=2045488321&cid=783475922.1719234799&tid=UA-29119593-1&_gid=611802025.1719234799&_r=1&_slc=1&z=1767418102
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
c4ddfac14c5ca5085b06b69b81c2df5ba5cd255c917006c6471a1f38c2a5e38c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
http://bear0w0.pro/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 Jun 2024 13:13:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://bear0w0.pro
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
262 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3PZKHBCJ8P&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5f6bb11b7d5f108db7b83bfe75278e6c1a75ba4b24a5b209d3898ed5e5baef18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
http://bear0w0.pro/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 13:13:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94455
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 24 Jun 2024 13:13:19 GMT
collect
region1.google-analytics.com/g/
0
250 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3PZKHBCJ8P&gtm=45je46j0v9126321011za200&_p=1719234799517&gcd=13l3lPl2l2&npa=0&dma_cps=sypham&dma=1&tag_exp=0&ul=de-de&sr=1600x1200&cid=783475922.1719234799&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=http%3A%2F%2Fbear0w0.pro%2F&dt=%C2%A9%20TharinO_O%20Website&sid=1719234799&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4004&_z=sendBeacon
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3PZKHBCJ8P&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
http://bear0w0.pro/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 24 Jun 2024 13:13:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://bear0w0.pro
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
bear0w0.pro/
3 KB
2 KB
Other
General
Full URL
http://bear0w0.pro/favicon.ico
Protocol
HTTP/1.1
Server
221.124.197.44 , Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
84ac9656149bfa4529565aae4587849f830d2defe96105f6c132f5e1781df80f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
http://bear0w0.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 24 Jun 2024 13:13:21 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"64e9d6e1-c8c"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html
Connection
keep-alive
Keep-Alive
timeout=20

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • event: undefined
  • fence: object
  • Eager: object
  • CloudflareApps: object
  • GoogleAnalyticsObject: string
  • ga: function
  • google_tag_data: object
  • gaplugins: object
  • gaGlobal: object
  • gaData: object
  • dataLayer: object
  • google_tag_manager: object

5 Cookies

Domain/Path Name / Value
.haveibeenpwned.com/ Name: __cf_bm
Value: GzaQSa0qz0VfTCEAfRB44lAS2TCN2JFSCACGMV9_iEY-1719234799-1.0.1.1-0Pa91UxwnPbhy.2neIKiI_xfL6Xzx4r0KV01rhbrdniAbqC4h0icZq8yW9N_PavCgB5EGiXGk0CJWgRzf5Tkgg
.bear0w0.pro/ Name: _ga
Value: GA1.2.783475922.1719234799
.bear0w0.pro/ Name: _gid
Value: GA1.2.611802025.1719234799
.bear0w0.pro/ Name: _gat
Value: 1
.bear0w0.pro/ Name: _ga_3PZKHBCJ8P
Value: GS1.2.1719234799.1.0.1719234799.0.0.0

1 Console Messages

Source Level URL
Text
network error URL: http://bear0w0.pro/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
