Overview

URLwww.hicoa.net/wp-includes/theme-compat/sodium/
IP 69.49.115.40 (United States)
ASN#30447 INFB2-AS
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-06 13:59:54 UTC
StatusLoading report..
IDS alerts0
Blocklist alert8
urlquery alerts No alerts detected
Tags None

Domain Summary (18)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
ns.cdn-services.com (2) 0 2022-06-10 23:00:19 UTC 2022-12-05 15:34:39 UTC 172.67.188.229 Unknown ranking
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-06 04:09:05 UTC 34.117.237.239
www.hicoa.net (9) 0 2022-12-06 00:33:58 UTC 2022-12-06 11:11:57 UTC 69.49.115.40 Unknown ranking
cdnjs.cloudflare.com (1) 235 2015-04-17 20:46:33 UTC 2022-12-06 04:09:07 UTC 104.17.24.14
ocsp.globalsign.com (1) 2075 2012-07-20 17:46:16 UTC 2020-05-02 20:58:10 UTC 104.18.20.226
ocsp.sectigo.com (2) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 172.64.155.188
count.carrierzone.com (2) 74556 2012-06-29 20:07:04 UTC 2022-12-05 11:56:46 UTC 66.175.41.113
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.38.139.17
ocsp.pki.goog (4) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
fonts.gstatic.com (1) 0 2014-09-09 00:40:21 UTC 2022-12-06 10:35:57 UTC 142.250.74.35 Domain (gstatic.com) ranked at: 540
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-12-06 10:35:11 UTC 142.250.74.138
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
r3.o.lencr.org (5) 344 No data No data 95.101.11.115
ocsp.digicert.com (7) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-06 04:09:05 UTC 34.102.187.140
cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2020-08-10 12:12:39 UTC 151.101.65.229
www.credit-agricole.fr (2) 236699 2017-02-01 14:45:50 UTC 2022-12-05 05:51:10 UTC 158.191.172.47
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-12-05 2 www.hicoa.net/wp-includes/theme-compat/sodium/ Credit Agricole S.A.

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-06 2 www.hicoa.net/wp-includes/theme-compat/sodium/ Phishing
2022-12-06 2 www.hicoa.net/wp-includes/theme-compat/sodium/config/init.js Phishing
2022-12-06 2 www.hicoa.net/wp-includes/theme-compat/sodium/js/app.f08ebc70.js Phishing
2022-12-06 2 www.hicoa.net/wp-includes/theme-compat/sodium/js/vendor.d0887c5f.js Phishing
2022-12-06 2 www.hicoa.net/wp-includes/theme-compat/sodium/js/2.1e1a6a8e.js Phishing
2022-12-06 2 www.hicoa.net/wp-includes/theme-compat/sodium/js/4.0ec808a8.js Phishing
2022-12-06 2 www.hicoa.net/wp-includes/theme-compat/sodium/fonts/flUhRq6tzZclQEJ-Vdg-Iui (...) Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 69.49.115.40
Date UQ / IDS / BL URL IP
2022-12-27 19:27:06 +0000 0 - 1 - 11 caixa.com.mx/ 69.49.115.40
2022-12-27 05:34:07 +0000 0 - 1 - 11 caixa.com.mx/ 69.49.115.40
2022-12-06 13:59:54 +0000 0 - 0 - 8 www.hicoa.net/wp-includes/theme-compat/sodium/ 69.49.115.40
2022-12-06 11:13:13 +0000 0 - 0 - 8 www.hicoa.net/wp-includes/theme-compat/sodium/ 69.49.115.40
2022-11-26 04:17:48 +0000 0 - 0 - 1 diter-sa.com/ 69.49.115.40


Last 5 reports on ASN: INFB2-AS
Date UQ / IDS / BL URL IP
2023-01-28 04:15:42 +0000 0 - 1 - 3 prestigehomeautomation.net/43rf3dw/34frgegrg.exe 64.29.151.221
2023-01-28 03:38:44 +0000 0 - 2 - 3 harperhouseproducts.com/Merchant2/ARsf1LIcOau (...) 66.175.58.9
2023-01-28 03:38:36 +0000 0 - 2 - 3 rogerschultz.com/eln-images/u0vT/ 66.175.58.9
2023-01-28 03:38:35 +0000 0 - 2 - 3 marcowine.com/Images/SLlwnvS7Uxnymm/ 66.175.58.9
2023-01-28 03:38:28 +0000 0 - 2 - 3 grimmcm.com/cgi/6hoBPCb3E/ 66.175.58.9


Last 2 reports on domain: hicoa.net
Date UQ / IDS / BL URL IP
2022-12-06 13:59:54 +0000 0 - 0 - 8 www.hicoa.net/wp-includes/theme-compat/sodium/ 69.49.115.40
2022-12-06 11:13:13 +0000 0 - 0 - 8 www.hicoa.net/wp-includes/theme-compat/sodium/ 69.49.115.40


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-27 07:48:33 +0000 0 - 0 - 8 rezemebremes.web.app/ 199.36.158.100
2023-01-27 01:37:53 +0000 0 - 0 - 4 rezemebremes.firebaseapp.com/ 199.36.158.100
2023-01-26 08:09:04 +0000 0 - 0 - 4 unedernfor.web.app/ 199.36.158.100
2023-01-26 07:39:44 +0000 0 - 0 - 12 reginalcaissagr-fr.web.app/ 199.36.158.100
2023-01-25 07:25:01 +0000 0 - 0 - 3 dremebrezerte.web.app/ 199.36.158.100

JavaScript

Executed Scripts (9)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (49)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9569
Expires: Tue, 06 Dec 2022 16:39:12 GMT
Date: Tue, 06 Dec 2022 13:59:43 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5256
Cache-Control: max-age=165551
Date: Tue, 06 Dec 2022 13:59:43 GMT
Etag: "638f19f6-1d7"
Expires: Thu, 08 Dec 2022 11:58:54 GMT
Last-Modified: Tue, 06 Dec 2022 10:31:18 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21293
Expires: Tue, 06 Dec 2022 19:54:36 GMT
Date: Tue, 06 Dec 2022 13:59:43 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 13:20:25 GMT
cache-control: public,max-age=3600
age: 2358
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: spkOt/6M8RwueRo4npOMesKzoB7Hzal+IdZH9JTGIFaxdfgbeIsN1hopU77omJS97rpPM33Ehsc=
x-amz-request-id: H14F64Y5DNHEH2GP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 13:48:57 GMT
age: 646
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 06 Dec 2022 13:59:43 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /wp-includes/theme-compat/sodium/ HTTP/1.1 
Host: www.hicoa.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         69.49.115.40
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Tue, 06 Dec 2022 13:59:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 12:37:39 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1397)
Size:   999
Md5:    056863efb27fc0b6dd587a97f27b9406
Sha1:   e0b9fd8e816e1d172dcc636b4247fb823a1bba8e
Sha256: e8d97884e113f8c9aedc5e6ce6cb9ae1bf8ad253217ddf758da1739c60338b80

Alerts:
  Blocklists:
    - openphish: Credit Agricole S.A.
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5872
Cache-Control: max-age=115392
Date: Tue, 06 Dec 2022 13:59:43 GMT
Etag: "638e539f-118"
Expires: Wed, 07 Dec 2022 22:02:55 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:03 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /ajax/libs/adblock-detect/1.0.5/index.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.hicoa.net
Connection: keep-alive
Referer: http://www.hicoa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 06 Dec 2022 13:59:43 GMT
content-length: 452
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf5-425"
last-modified: Mon, 04 May 2020 16:04:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 13183252
expires: Sun, 26 Nov 2023 13:59:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IgHakQTSXdu8Wvo2%2FbnfX6GYCqpJBw0Z0akLJ6WEc8G1RSNCjLqEy7D1qel5TcbjbTuBEn0BFLxHDCnwSgHSsLGp5PDfj3daR8lBnx7k7c%2BSIE7%2Fika7Kt6PE%2BKVTxBmsqqknZ%2F9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77558b321dd50b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1061), with no line terminators
Size:   452
Md5:    c660dfc8d0f8ceda2de56842c100d23a
Sha1:   36e3ae4c06d0fa91ef0392c065cb97b83ffe5d64
Sha256: 8ccccd57855b34077443f3fe5ed6d212ef8f5e6029bbd1b18c827699b99eb336
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 13:59:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /npm/@adonisjs/framework@5.0.13/index.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hicoa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.65.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 5.0.13
x-jsd-version-type: version
etag: W/"1ae-myc90tb7oItlxVsc5EMaDyV2uOM"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Dec 2022 13:59:43 GMT
age: 3010509
x-served-by: cache-fra-eddf8230100-FRA, cache-bma1625-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 305
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   305
Md5:    36c8721a7ad91c2fa311684ada8dd767
Sha1:   d1d3d67d10fe2781c75faeb7fdf8ea1c0dd1543c
Sha256: 52b9e76467478ef29b0904f653393473ee55e64f48804014412541c877181196
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5872
Cache-Control: max-age=115392
Date: Tue, 06 Dec 2022 13:59:43 GMT
Etag: "638e539f-118"
Expires: Wed, 07 Dec 2022 22:02:55 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:03 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /wp-includes/theme-compat/sodium/config/init.js HTTP/1.1 
Host: www.hicoa.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hicoa.net/wp-includes/theme-compat/sodium/

search
                                         69.49.115.40
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 13:59:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 12:37:39 GMT
ETag: W/"24d-5eed79a6a07d7"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text
Size:   430
Md5:    a0a9b3e3e7931c0968f19df0bf3e98f8
Sha1:   fb3d5fdd2e628c2dbfc8ffbdc51c6eb253719b2d
Sha256: a25c813ca18f91d6f4c294861ce7f05fedf0ac3f45535854337c7db21e33e69d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 13:59:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "D82555AD36DB46492DB8500BF1BC7BC4AEA300BC"
Expires: Wed, 07 Dec 2022 00:00:00 GMT
Last-Modified: Tue, 06 Dec 2022 12:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3562
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77558b327eeeb4fa-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    9fb76f1ca0700561518f33651150b680
Sha1:   57dbb975cd265600544fdf9791fa61287dc40219
Sha256: 644266364013404b9ceaa6b912f9c4b8eefcb2b29a4343b1eaa34ec2a42dc35f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 13:59:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-includes/theme-compat/sodium/css/app.ccab8aee.css HTTP/1.1 
Host: www.hicoa.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hicoa.net/wp-includes/theme-compat/sodium/

search
                                         69.49.115.40
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 06 Dec 2022 13:59:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 12:37:39 GMT
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (2181), with no line terminators
Size:   788
Md5:    3389fa66aa57e1870c22bc909f2a9f4c
Sha1:   5660bad0b9dafc0a62733d773fd8e231aac5a7cf
Sha256: 114bf61ce27144c775c7cf77295ba837d745ced0af8fda6b838a49777b47ed6f
                                        
                                            GET /wp-includes/theme-compat/sodium/js/app.f08ebc70.js HTTP/1.1 
Host: www.hicoa.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hicoa.net/wp-includes/theme-compat/sodium/

search
                                         69.49.115.40
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 13:59:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 12:37:39 GMT
ETag: W/"19b0-5eed79a693921"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (6576), with no line terminators
Size:   2958
Md5:    3b1bc5e6b4ffe87ccb402f0e044ae981
Sha1:   fbc6d5874a582819126df7321d55b6a81cf66c6f
Sha256: 6e6b8a71b9ab636f46ef6fb751f37120a507aac5d1782460de4c5ad46ee55016

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 13:59:44 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 02:35:00 GMT
Expires: Tue, 13 Dec 2022 02:34:59 GMT
Etag: "8c700c9b474198e8f9e6086639a8a126569f2e7f"
Cache-Control: max-age=563114,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77558b341bb80b06-OSL

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 13:08:58 GMT
cache-control: public,max-age=3600
age: 3046
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5245
Cache-Control: max-age=160471
Date: Tue, 06 Dec 2022 13:59:44 GMT
Etag: "638f062a-1d7"
Expires: Thu, 08 Dec 2022 10:34:15 GMT
Last-Modified: Tue, 06 Dec 2022 09:06:50 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /wp-includes/theme-compat/sodium/css/vendor.677b4d5b.css HTTP/1.1 
Host: www.hicoa.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hicoa.net/wp-includes/theme-compat/sodium/

search
                                         69.49.115.40
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Tue, 06 Dec 2022 13:59:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 12:37:39 GMT
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   81782
Md5:    0d46244bad8fe18e0f70149ebca65b68
Sha1:   c9a713c65566e38780a3cd7ef6e3c1c7c06e647e
Sha256: f556ccd79948503d5b300d8f9489f614a21b8986d31aa73abd14557097f35c92
                                        
                                            GET /app/count_server/count.js HTTP/1.1 
Host: count.carrierzone.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hicoa.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         66.175.41.113
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Date: Tue, 06 Dec 2022 13:59:40 GMT
Server: Apache/2.2.15 (CentOS)
Last-Modified: Fri, 08 Jun 2012 10:17:02 GMT
Accept-Ranges: bytes
Content-Length: 36029
Keep-Alive: timeout=10, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   36029
Md5:    853f44f8a3814f75cd4556fbdcbe5d26
Sha1:   b3bb2ffd8dda9cf07a163a754595e57678a9f9b8
Sha256: f418e6b5416f03cbc22b24f481582e2d55ee0f7ca6989c562b59f12c9229214e
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 47E4NTe70xJJrH25jq2srA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.38.139.17
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NdwAXJWDsrLMgzx3N2AHRkYPRVg=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 13:59:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.hicoa.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 498654
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size:   7884
Md5:    9212f6f9860f9fc6c69b02fedf6db8c3
Sha1:   ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
Sha256: 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 13:59:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-includes/theme-compat/sodium/js/vendor.d0887c5f.js HTTP/1.1 
Host: www.hicoa.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hicoa.net/wp-includes/theme-compat/sodium/

search
                                         69.49.115.40
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 13:59:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 12:37:39 GMT
ETag: W/"70e65-5eed79a695bfd"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (34560)
Size:   155889
Md5:    34a2fac48e1184629c54152455a92876
Sha1:   eecded50701802ea79f10231aea6b34e4d75ce8c
Sha256: 64cd378a2c6902c296304044c0e7e1c33ca544601d1d40b14bca0f533587181d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=167508
Date: Tue, 06 Dec 2022 13:59:45 GMT
Etag: "638f3625-117"
Expires: Thu, 08 Dec 2022 12:31:33 GMT
Last-Modified: Tue, 06 Dec 2022 12:31:33 GMT
Server: nginx
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Cache-Control: 'max-age=158059'
Date: Tue, 06 Dec 2022 13:59:45 GMT
Etag: "638de48c-117"
Server: ECS (amb/6B83)
Content-Length: 279

                                        
                                            GET /track/ctin.php?t=1670335184918&custnum=ac0c9b354af84298&sname=www.hicoa.net&pagename=index.html&group=%2Fservices%2Fwebpages%2Fh%2Fi%2Fhicoa.net%2Fpublic%2Fwp-includes%2Ftheme-compat%2Fsodium&version=%24Rev%3A%207840%20%24&js=1&jv=0&resolution=1280x1024&color_depth=24&campaign=&referrer=&page_url=http%253A%252F%252Fwww.hicoa.net%252Fwp-includes%252Ftheme-compat%252Fsodium%252F%2523%252F&plugins= HTTP/1.1 
Host: count.carrierzone.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hicoa.net/

search
                                         66.175.41.113
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 06 Dec 2022 13:59:41 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.2.17
Set-Cookie: CTCNTNM_ac0c9b354af84298=87e2bb82fb3d7d93b8f5d4283bb380a9; expires=Mon, 06-Mar-2023 13:59:41 GMT
Content-Length: 42
P3P: CP="NOI NID ADMa OUR IND UNI COM NAV"
Expires: Thu, 01 Jan 1970 01:23:45 GMT
Last-Modified: Tue, 06 Dec 2022 13:59:42 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Keep-Alive: timeout=10, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    bae3474ef15712706e514d9c40c3d1d5
Sha1:   b93948c072d6fd3dd9a2720cd837784a9c9ca337
Sha256: 5b27cb8a843da7b4f70f68d669798596541491654185df0bd45867d951a31947
                                        
                                            GET /socket.io/?EIO=3&transport=websocket HTTP/1.1 
Host: ns.cdn-services.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://www.hicoa.net
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: n3A7wwpuliajMWRdoq5mwQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         172.67.188.229
HTTP/1.1 101 Switching Protocols
                                        
Date: Tue, 06 Dec 2022 13:59:45 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0+VqPAo/6LgYVx6sUOicDSsdGBc=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5rLN9Et25pyKEOwRPuUxLAOiE0QudoC4DCutsNBjCyoHLeQWTY1%2FnIFZ%2Fh95g6YEVPfkF63I1dMaMOIVhbL%2FB8m7%2BxV7mL2ukLusOqPvvt9tRj2XifnurxK2oPXEPzemvPdug0v"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77558b3be893b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=167508
Date: Tue, 06 Dec 2022 13:59:45 GMT
Etag: "638f3625-117"
Expires: Thu, 08 Dec 2022 12:31:33 GMT
Last-Modified: Tue, 06 Dec 2022 12:31:33 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 06 Dec 2022 13:59:45 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 12:40:39 GMT
Expires: Sat, 10 Dec 2022 12:40:38 GMT
Etag: "39ad2d7631b5b2f8c287b97d97e31540eb5fac6a"
Cache-Control: max-age=340252,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77558b3c3ba40b06-OSL

                                        
                                            GET /content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg HTTP/1.1 
Host: www.credit-agricole.fr
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hicoa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         158.191.172.47
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Date: Tue, 06 Dec 2022 08:49:49 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Tue, 06 Dec 2022 08:49:49 GMT
Cache-Control: max-age=2592000
Expires: Thu, 05 Jan 2023 08:49:49 GMT
vha6-origin: cats-rd14-prd
Age: 18596
X-Cache: HIT
X-Cache-Hits: 19282
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6260
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   6260
Md5:    6aad7b35286876f8eaf5bc8ca659e1b5
Sha1:   ea44f6b518e680fb5188f18b8202111aae5034a3
Sha256: 4ecc8a8abebf54ec1c40d1461770ac546fe2397c97f0e696de3879c05d6189fc
                                        
                                            GET /wp-includes/theme-compat/sodium/js/2.1e1a6a8e.js HTTP/1.1 
Host: www.hicoa.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hicoa.net/wp-includes/theme-compat/sodium/

search
                                         69.49.115.40
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 13:59:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 12:37:39 GMT
ETag: W/"e6f-5eed79a693116"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (3692), with no line terminators
Size:   1383
Md5:    72aa10539baab5a5f3216e8ad3f02586
Sha1:   5a62ff70c254ec7b149f8189a3624b1682a0050b
Sha256: d8eb1a34d50dfb313bbb6fbd1ffc2b3204cae5d69eedee04c963eb49d5ba84b1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11296
Expires: Tue, 06 Dec 2022 17:08:01 GMT
Date: Tue, 06 Dec 2022 13:59:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11296
Expires: Tue, 06 Dec 2022 17:08:01 GMT
Date: Tue, 06 Dec 2022 13:59:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11296
Expires: Tue, 06 Dec 2022 17:08:01 GMT
Date: Tue, 06 Dec 2022 13:59:45 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00b01871-cd98-4bab-b47d-4a29bb438277.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9354
x-amzn-requestid: fb2dad44-2f8c-4f02-bbc5-405e9586e5af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmctYGLdoAMFyDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e55-28b5680933de0ff4208240be;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0mv3_bOi4kymDF7KB35kOjvgE9egGYnCMAXLGIse_PJE8bBMGLxdqw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 04:07:10 GMT
age: 35555
etag: "5626b75f5c2523f1a0fc301839a06a4e2407f106"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9354
Md5:    2e11524d75503e35c404d6c9a12ac540
Sha1:   5626b75f5c2523f1a0fc301839a06a4e2407f106
Sha256: d5eb74d026014c0a68893bde1107a9a111b1f0af835e28bb740308017ef80b7f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11352
x-amzn-requestid: 7c3fc7bb-eb1f-46ec-8e92-b6ffc6261848
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwuF1ToAMFiIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d1-7c53152a279f00595b9886bd;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:25 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EQorA5VTb0s2BEIWBkdkhDho-bLdLVvu8LnAIQsQqsIjgBLneYqCzg==
via: 1.1 b6d577696b14c86cbfeb5b3459f38c50.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:22 GMT
age: 58283
etag: "01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11352
Md5:    7f2c354a00ab51d4a41221b6bf191c10
Sha1:   01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4
Sha256: 7d3c8417e1db0db41ceb8b4bf3f506864392dd1ad29319a06a8a6055f6f2ed12
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:09:28 GMT
age: 57017
etag: "36082b7329d473829178f280cb71a83b1531e486"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11224
Md5:    b15136d60fd0a5e0f657a4f5c75d540f
Sha1:   36082b7329d473829178f280cb71a83b1531e486
Sha256: 79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8b8df80-ffce-4960-a0e3-83eaf7ee52f3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6352
x-amzn-requestid: cd970b83-2a99-4e38-afed-580d733040a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuWF1bIAMFcpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-1ba552306e857bb37424d679;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: m_QprITRv6aKoKB1VsoqgcIM18ZcHIrJk2gs7710QElOJBtrcskrJw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:41:55 GMT
etag: "eaa956309d27052d466f7c4bd75b3bdf8443f251"
age: 58670
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6352
Md5:    ebd3528452aecd80e39bbf82d3f71f2c
Sha1:   eaa956309d27052d466f7c4bd75b3bdf8443f251
Sha256: 680066dadbddc2cd7179ad5bdfbf9b2014ea601561e585d18dfcda73512ae84a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11175
x-amzn-requestid: 9c93ddca-1247-44af-a364-e617f69ace26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzYEnEoAMFa2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e2-7d38ea383725901524bc2ca0;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fNsYsKfPUM8QaG7-F1tSBDdsNit1BfYpWddNssXwyFO2HgdA0RpjAQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:54:21 GMT
age: 57924
etag: "0234fe32c84c4711f0619714f3ac6d3db1b717d3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11175
Md5:    38b97436af942d5eb1111ca7043259a0
Sha1:   0234fe32c84c4711f0619714f3ac6d3db1b717d3
Sha256: a76a7721355abbaecd5c8cb5218e7e4626dc345eb26e7541c71bf4ceaa7ae5d8
                                        
                                            GET /wp-includes/theme-compat/sodium/js/4.0ec808a8.js HTTP/1.1 
Host: www.hicoa.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.hicoa.net/wp-includes/theme-compat/sodium/

search
                                         69.49.115.40
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Tue, 06 Dec 2022 13:59:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 12:37:39 GMT
ETag: W/"8080-5eed79a6a13e4"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (32779), with no line terminators
Size:   8406
Md5:    d9480d15c7e59b9ad52edb454ca0c3a0
Sha1:   e7b036090ee63bb716eb9da0ed7ae05d72c80057
Sha256: a4c44603643f2627ea52864371ee31d7cb8ad978f148905fc6094ee1196e37b3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc619d7d-5f58-4402-a30a-fe05dd9e2922.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13647
x-amzn-requestid: 36276b12-9e02-4d00-a100-9aa5c794fc79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_ueEWUoAMFj7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1329-7abb45a85c6bc2235c25d61e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dQ4mN1KRVnGOVvIC3PWBZCej-q8HKnM8NIb4iAS2uIiFHGNqprB1IA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 00:03:39 GMT
age: 50166
etag: "b0c9391b87a4560598e43d5084dda41e267974a9"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13647
Md5:    6079166a1ed5bac7373183f03f33b84e
Sha1:   b0c9391b87a4560598e43d5084dda41e267974a9
Sha256: 3e2faccbc3e14a10da4a433d789068cdc3fb2d3e2a04a7e2b7ea5f6f6313dcd4
                                        
                                            GET /wp-includes/theme-compat/sodium/fonts/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.ae520e14.woff2 HTTP/1.1 
Host: www.hicoa.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.hicoa.net/wp-includes/theme-compat/sodium/css/vendor.677b4d5b.css

search
                                         69.49.115.40
HTTP/1.1 200 OK
                                        
Date: Tue, 06 Dec 2022 13:59:45 GMT
Content-Length: 102788
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 12:37:39 GMT
ETag: "19184-5eed79a697fc5"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 102788, version 1.0\012- data
Size:   102788
Md5:    df8803afe71155fa95130772bd0da593
Sha1:   bd7f2ac4af45ec77fe3f9f7310099e5b950af54e
Sha256: 9e0871a566b5aca8cac810404e207cb1eea58dbb04c5c97a7a860140edb9b5d0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /content/dam/assetsca/master/public/commun/images/zone-de-gauche/connect%C3%A9/acces_cr_part_carre.jpg HTTP/1.1 
Host: www.credit-agricole.fr
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hicoa.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         158.191.172.47
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 06 Dec 2022 08:50:37 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Tue, 06 Dec 2022 08:50:37 GMT
Content-Length: 243919
Cache-Control: max-age=2592000
Expires: Thu, 05 Jan 2023 08:50:37 GMT
vha6-origin: cats-rd14-prd
Age: 18548
X-Cache: HIT
X-Cache-Hits: 1847
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=17, height=791, bps=218, PhotometricIntepretation=RGB, description=Diverse culture people using mobile smartphone outdoor - Happy friends having fun with technology trends - Youth, new generatio, manufacturer=SONY, model=ILCE-7M2, orientation=upper-left, width=1326], progressive, precision 8, 960x960, components 3\012- data
Size:   243919
Md5:    b259c4797d838add41da1047021d2480
Sha1:   13de10f5a348efa8ff3d856f2e347eeff8a33579
Sha256: c4966ab5e78e2270952b89576c4a0a386e8a7ea673c56f0f396d620abf4f81b8
                                        
                                            GET /ip HTTP/1.1 
Host: ns.cdn-services.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.hicoa.net/
Origin: http://www.hicoa.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         172.67.188.229
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 06 Dec 2022 13:59:45 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
set-cookie: cook-session=eyJ1c2VySUQiOiI3MjI5MiJ9; path=/; secure; httponly cook-session.sig=wD2iQKEl21yJG_b29ZT0CismXs0; path=/; secure; httponly
etag: W/"13d-+cK0ZY/3WenpUKC4WEVV6OYEvTU"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wlae9JI%2FvdzUyv2S58B%2FIorJX%2F72JskhE4J2MC0H3B6kVJSzCw%2BYhvBNoqr3w3ygh9HYbm8alobGDetJvuHgRWLO8nS5mv8oCHvV0FfeLa18elAFdJn36UlzKk9YqfQwR9aIjC7m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77558b3bc8ca0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css2?family=Poppins:wght@400&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.hicoa.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.138
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 13:59:43 GMT
date: Tue, 06 Dec 2022 13:59:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---