Overview

URL coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m.
IP 146.59.209.152 (France)
ASN #16276 OVH SAS
UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed 2022-09-23 10:39:29 UTC
IDS alerts 0
Blocklist alert 37
urlquery alerts No alerts detected
Tags None

Domain Summary (15)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-23 04:02:43 UTC 34.120.237.76
ocsp.pki.goog (5) 175 2017-06-14 07:23:31 UTC 2022-09-23 04:33:33 UTC 142.250.74.3
fonts.googleapis.com (1) 8877 2014-07-21 13:19:55 UTC 2022-09-23 10:16:36 UTC 142.250.74.10
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-23 04:49:01 UTC 143.204.55.110
ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-23 08:34:06 UTC 93.184.220.29
use.typekit.net (3) 494 2012-07-05 01:42:39 UTC 2022-09-23 04:34:09 UTC 23.36.76.122
p.typekit.net (1) 620 2012-05-23 14:28:57 UTC 2022-09-23 04:34:09 UTC 23.36.76.122
r3.o.lencr.org (3) 344 2020-12-02 08:52:13 UTC 2022-09-23 04:34:39 UTC 23.36.76.226
fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-09-23 04:33:31 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-23 05:06:00 UTC 143.204.55.115
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-23 04:33:41 UTC 34.117.237.239
coupdepouce.bzh (56) 0 2022-03-30 14:30:45 UTC 2022-09-23 00:22:51 UTC 146.59.209.152 Domain (manulife.com) ranked at: 87753
push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-23 05:02:25 UTC 52.89.255.30
www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-23 04:33:31 UTC 142.250.74.72
ajax.googleapis.com (1) 12905 2014-10-18 20:16:48 UTC 2022-09-23 09:03:58 UTC 142.250.74.106

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-23 2 coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011 (...) Phishing
2022-09-23 2 coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011 (...) Phishing
2022-09-23 2 coupdepouce.bzh/wp-content/themes/hub/assets/vendors/liquid-icon/lqd-essent (...) Phishing
2022-09-23 2 coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011 (...) Phishing
2022-09-23 2 coupdepouce.bzh/wp-content/plugins/cookie-law-info/public/css/cookie-law-in (...) Phishing
2022-09-23 2 coupdepouce.bzh/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 Phishing
2022-09-23 2 coupdepouce.bzh/wp-content/plugins/hub-core/assets/css/landinghub-core.min. (...) Phishing
2022-09-23 2 coupdepouce.bzh/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Phishing
2022-09-23 2 coupdepouce.bzh/wp-content/plugins/cookie-law-info/public/css/cookie-law-in (...) Phishing
2022-09-23 2 coupdepouce.bzh/wp-content/plugins/liquid_js_composer/assets/css/js_compose (...) Phishing
2022-09-23 2 coupdepouce.bzh/wp-content/plugins/hub-core/shortcodes/header-woo-search/he (...) Phishing
2022-09-23 2 coupdepouce.bzh/wp-content/plugins/revslider/public/assets/css/rs6.css?ver= (...) Phishing
2022-09-23 2 coupdepouce.bzh/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 Phishing
2022-09-23 2 coupdepouce.bzh/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 Phishing
2022-09-23 2 coupdepouce.bzh/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.2 Phishing
2022-09-23 2 coupdepouce.bzh/wp-content/plugins/liquid-gdpr/assets/js/liquid-gdpr.min.js (...) Phishing
2022-09-23 2 coupdepouce.bzh/wp-content/themes/hub/assets/vendors/gsap/utils/SplitText.min.js Phishing
2022-09-23 2 coupdepouce.bzh/wp-content/plugins/liquid_js_composer/assets/js/dist/js_com (...) Phishing
2022-09-23 2 coupdepouce.bzh/wp-content/themes/hub/assets/vendors/fastdom/fastdom.min.js Phishing
2022-09-23 2 coupdepouce.bzh/wp-content/plugins/revslider/public/assets/js/rbtools.min.j (...) Phishing
2022-09-23 2 coupdepouce.bzh/wp-content/themes/hub/assets/vendors/bootstrap/js/bootstrap (...) Phishing
2022-09-23 2 coupdepouce.bzh/wp-content/themes/hub/assets/vendors/intersection-observer.js Phishing
2022-09-23 2 coupdepouce.bzh/wp-content/themes/hub/assets/vendors/fontfaceobserver.js Phishing
2022-09-23 2 coupdepouce.bzh/wp-content/themes/hub/assets/vendors/gsap/utils/CustomEase. (...) Phishing
2022-09-23 2 coupdepouce.bzh/wp-content/themes/hub/assets/vendors/tinycolor-min.js Phishing
2022-09-23 2 coupdepouce.bzh/wp-content/themes/hub/assets/vendors/lity/lity.min.js Phishing
2022-09-23 2 coupdepouce.bzh/wp-content/themes/hub/assets/js/animated-blob/liquidAnimate (...) Phishing
2022-09-23 2 coupdepouce.bzh/wp-content/themes/hub/assets/vendors/particles.min.js Phishing
2022-09-23 2 coupdepouce.bzh/wp-content/themes/hub/assets/js/draw-shape/liquidDrawShape. (...) Phishing
2022-09-23 2 coupdepouce.bzh/wp-content/themes/hub/assets/vendors/gsap/minified/ScrollTr (...) Phishing
2022-09-23 2 coupdepouce.bzh/wp-content/themes/hub/assets/vendors/gsap/minified/DrawSVGP (...) Phishing
2022-09-23 2 coupdepouce.bzh/wp-content/themes/hub/assets/vendors/fresco/js/fresco.js Phishing
2022-09-23 2 coupdepouce.bzh/wp-content/themes/hub/assets/vendors/gsap/minified/gsap.min.js Phishing
2022-09-23 2 coupdepouce.bzh/wp-content/themes/hub/assets/vendors/lazyload.min.js Phishing
2022-09-23 2 coupdepouce.bzh/wp-content/themes/hub/assets/vendors/jquery-ui/jquery-ui.min.js Phishing
2022-09-23 2 coupdepouce.bzh/wp-content/themes/hub/assets/js/theme.min.js Phishing
2022-09-23 2 coupdepouce.bzh/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ve (...) Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 146.59.209.152
Date UQ / IDS / BL URL IP
2023-02-02 22:23:21 +0000 0 - 0 - 15 vitrophanie-lyon.com/public/hCWg251r7hP4sMaxG (...) 146.59.209.152
2023-02-02 20:09:52 +0000 0 - 0 - 14 vitrophanie-lyon.com/public/9VaGQo18e1v1E1hyo (...) 146.59.209.152
2023-02-02 17:17:32 +0000 24 - 1 - 27 strategieredacweb.com/wp-admin/images/capital (...) 146.59.209.152
2023-01-29 16:35:24 +0000 0 - 1 - 0 files.empireearth.eu/setup/game/neo/NeoEE_Set (...) 146.59.209.152
2023-01-29 16:34:54 +0000 0 - 1 - 0 files.empireearth.eu/setup/game/EE_Setup.exe 146.59.209.152


Last 5 reports on ASN: OVH SAS
Date UQ / IDS / BL URL IP
2023-02-03 19:50:00 +0000 0 - 0 - 4 bus4music.it/wp-admin/js/Gil/southeastwardly_ (...) 213.186.33.5
2023-02-03 19:47:06 +0000 0 - 0 - 2 rikiki.net/d0DOjAUJ 213.186.33.17
2023-02-03 19:45:26 +0000 0 - 1 - 0 agendaweb.org/verbs/past 87.98.231.19
2023-02-03 19:30:54 +0000 3 - 0 - 0 acquis01.com/url/projet/fonction/15262/?email (...) 51.178.58.3
2023-02-03 19:23:29 +0000 0 - 12 - 0 www.lora-wan.net/ 5.39.10.93


Last 1 reports on domain: coupdepouce.bzh
Date UQ / IDS / BL URL IP
2022-09-23 10:39:29 +0000 0 - 0 - 37 coupdepouce.bzh/gb_internet_customer_response (...) 146.59.209.152


No other reports with similar screenshot

JavaScript

Executed Scripts (44)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (84)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16502
Expires: Fri, 23 Sep 2022 15:14:20 GMT
Date: Fri, 23 Sep 2022 10:39:18 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 10:14:07 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3aFKsNCXHf2EgDSfn30ZPWgSKnG07E3ddchWcnklHLyQnisQWwxGgg==
Age: 1511


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         143.204.55.110
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4e8zvg7iAnQagyqtf582dQwLcxsFc3SJkb-IZ71el3A9mF704cQ5vQ==
age: 21844
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 23 Sep 2022 10:39:18 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Fri, 23 Sep 2022 10:03:22 GMT
Expires: Fri, 23 Sep 2022 10:23:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aEQnw5TRstOny1syIC4JrgZ6-5soqQEkQ-5W0WHj6_QJexCH2vKklA==
Age: 2157


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m. HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         146.59.209.152
HTTP/1.1 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
date: Fri, 23 Sep 2022 10:39:19 GMT
transfer-encoding: chunked
server: Apache
x-powered-by: PHP/7.4
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
vary: Accept-Encoding
location: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m.
content-encoding: gzip
x-iplb-request-id: 5B5A2A9A:E6AC_923BD198:0050_632D8CD6_9B0B:51C3
x-iplb-instance: 41927


--- Additional Info ---
Magic:  data
Size:   25
Md5:    363f411ba212d4d1ccf7856f856145e9
Sha1:   08331057577f273187dd15e7c6f57937835e0aff
Sha256: c50b40612adfdbf2e228758746fc7927cf440cb9bb5a8280c00d7946632a1943

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4713
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 10:39:19 GMT
Last-Modified: Fri, 23 Sep 2022 09:20:46 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8017759F6507FE5AD3D819542E53814E089F0D4AE8DC277E22AEDC4A4138923C"
Last-Modified: Fri, 23 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 23 Sep 2022 16:39:19 GMT
Date: Fri, 23 Sep 2022 10:39:19 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: weE7zONCRf663PTAvq1enw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         52.89.255.30
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Q/5wYmPU23l8xtzH+Qno+U5Z2hk=

                                        
                                            GET /gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m. HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         146.59.209.152
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
date: Fri, 23 Sep 2022 10:39:20 GMT
server: Apache
x-powered-by: PHP/7.4
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
vary: Accept-Encoding
location: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   528
Md5:    bf68867fa6d67e74f405167abf3699b7
Sha1:   b2e9f00caa22bf3e7529d58305192d1ab0f8a0dd
Sha256: 02f7c7eb7627a41b47188ea834df4ac8783a18767acb75814169d40c68331f10

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6837
Expires: Fri, 23 Sep 2022 12:33:17 GMT
Date: Fri, 23 Sep 2022 10:39:20 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ea09a2e-db97-4846-b5c4-9bc0e69977bc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13000
x-amzn-requestid: 7b2f1a90-cedc-403b-bdb0-f763b5bef824
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2VOWGHXIAMFzXw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632c025b-74a08e472ef8b1227c0447e3;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 06:36:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: l_CJpV9GPUzzbt8msOu-qQdwK9-vP5S-nHsgRPpwbue0Mf6FiBrEQA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 19:36:01 GMT
etag: "06f5f63e681d711bd68626805c5dd2b902ebf9cf"
age: 54199
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13000
Md5:    634db5bfe2b27e608c3f3518b0c44ebb
Sha1:   06f5f63e681d711bd68626805c5dd2b902ebf9cf
Sha256: 935d3442ed37fe78df5fe40fac87ca00466a3e19ef3c72a80dae17ffbcacd45d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10279
x-amzn-requestid: 2ff2c324-51c5-484d-b049-3eacbdc1024a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yyj8THHdoAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a804e-0f4da4ba2a84679b3fd297fc;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 03:09:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6uqNnpll2kgC_0_t5e9yp0AgFAvprQq_GF_jgwj2sX2TE9S1l023Aw==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 03:58:47 GMT
age: 24033
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10279
Md5:    8ea5f06ad31f0cedd2cb5c6df82f35f4
Sha1:   60a83a1618ffae06e49ca3002bac1db9980dcfe8
Sha256: 5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10127
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0sHmCoAMFVSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KKYAef15NoI3It5UfVcqhPx50Fr6IK7O2VFasuAILVN9PP8CH1_7Ng==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:58:25 GMT
age: 45655
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10127
Md5:    b877ead4a15221fdd278ef27f281a7ec
Sha1:   48c10714503e8dfdd3e3c3d39b919ef2792f0d15
Sha256: f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5ur411n5hU7eWb68iExZCUrhpCybRyTBHCi72ra8dS2kd3UhW8sb1A==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:59:00 GMT
age: 45620
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8029
Md5:    02a682b4703bb9d6381c762726c05531
Sha1:   1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
Sha256: fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:04:45 GMT
age: 45275
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5340
Md5:    3b318ea5c36d2b22b925f7dfe382df5f
Sha1:   0264e73c4cfff0bb255757c7e1c760a5ad3ece80
Sha256: 0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ac33f06-9198-44a5-b43b-9cbcc092cf52.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9481
x-amzn-requestid: d527d22a-6822-4b90-b9cb-034f58f73c24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0IGl7oAMFSKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4e7-13a676d9596cbd20663d2d8f;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V8vtLV7n0bPpR5xQtqcH6WK7uBV4ObaMdy_9qN_TtISqAozEwPe0hA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:12:22 GMT
age: 44818
etag: "4156c37b612d5fb99c6b061187a3cb0b314ae4a8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9481
Md5:    1eab8da8cc1495a0221efadddd1a0bcc
Sha1:   4156c37b612d5fb99c6b061187a3cb0b314ae4a8
Sha256: 2fc5dbd9216f775cd305de80d17db2e6c74abcb1e30bfa7065c4d763a7345026
                                        
                                            GET /wp-content/themes/hub/assets/vendors/liquid-icon/lqd-essentials/fonts/lqd-essentials.woff2 HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 6047
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 11:34:40 GMT
accept-ranges: bytes
cache-control: max-age=2592000
expires: Sun, 23 Oct 2022 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 6024, version 1.0\012- data
Size:   6047
Md5:    39bcc0a06fc7819ab3c9c5fa0c1d5910
Sha1:   dca1a4a16fb5cc44a71d21155ce1b503170a9bf4
Sha256: 937279c31e9599bc4644f342a7746187200d9329e32ac39eeae4f2634ab60b93

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

                                         146.59.209.152
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
server: Apache
x-powered-by: PHP/7.4
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://coupdepouce.bzh/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size:   20336
Md5:    fe6aa5586722b4a21cbb576bc60d461d
Sha1:   db8afcde7b5084e1158edbd41744c8ebd1673a89
Sha256: 3242638a18ed8a7907a28233e7de7d7eee0e55d33ebcc2f7df4a85789fa48505

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.1.2 HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 953
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 13:11:16 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   953
Md5:    c503abd9f9fe09d22b59cb1fb0a292a8
Sha1:   a75f1bde1d2da3a4696a8e027eeaae4e96d21fec
Sha256: 56ea4b514650d10a9c4756a2eb1e4d292d138725164eec8c8ef004ceda2fece7

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 11681
server: Apache
vary: Accept-Encoding
last-modified: Tue, 12 Jul 2022 17:34:53 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (43771)
Size:   11681
Md5:    e5548800176e913a9084f47a3e1e04f6
Sha1:   eff4604acc5c26ae82a19188de2f98bf5b79d80c
Sha256: a2569c768eaca09f2483b971fcebb97badd57c9a16b5ae3e16b8cdcd8c688b07

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/hub/style.css HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 1103
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 11:34:42 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   1103
Md5:    1da6f04a06bda18ea3ace0b92e824f2a
Sha1:   239bfefa23a0f7ae8bea1736e8b8af0807188ac2
Sha256: 8f4f6676d421882159c0632b0822bc4c58a6b6952426d6b4eac101d40029a12a
                                        
                                            GET /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.1.2 HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 4395
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 13:11:16 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   4395
Md5:    6ccc50d8058f37c03eea10782430638c
Sha1:   f9aced9bc0c8286be877fc48a10ae37fdcc2269c
Sha256: 534cd08c1ea0eaeebe1ba35b004f2a17d329a1d20c0b398785c4714458834b15
                                        
                                            GET /wp-content/themes/hub/assets/vendors/bootstrap/css/bootstrap.min.css HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 9922
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 11:34:40 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (49610)
Size:   9922
Md5:    a7b12fc8dea60e87937b1db6b5270d24
Sha1:   63b611a61f573b24b5d08df3aba4fdfcb514a30c
Sha256: dcb472707e447ef9913b20c88e7b1454c562a228a71ea727a0bdd35d3a690c04
                                        
                                            GET /wp-content/themes/hub/assets/css/theme-responsive-min.min.css?ver=6.0.2 HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 3960
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 11:34:40 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (22089), with no line terminators
Size:   3960
Md5:    f1e911b594b6455c9fbd6a783e23bea6
Sha1:   32d213384ceb6a983acafcf098a5a99e1cb3afb1
Sha256: f8b77a14d86b0ea29aa9508ab2d092dac9f8dabce95fcb48cb24c725d0138635
                                        
                                            GET /wp-content/plugins/liquid-gdpr/assets/css/liquid-gdpr.min.css?ver=6.0.2 HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 610
server: Apache
vary: Accept-Encoding
last-modified: Thu, 03 Mar 2022 08:18:46 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1463)
Size:   610
Md5:    3ea14b8ed635c8cf5aea581971d271a4
Sha1:   9aaf8f9dcb0f4f74a62c993df7babc09cc1e4301
Sha256: c7480d510ff7bd1ad9f3a3c746b1645d18a7d5a7120b2e952cfc9d19be16f5cc
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 10:39:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/uploads/2022/03/coupde-pouce.png HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 1650
server: Apache
vary: Accept-Encoding
last-modified: Fri, 01 Apr 2022 08:31:58 GMT
accept-ranges: bytes
cache-control: max-age=10368000, public
expires: Sat, 21 Jan 2023 10:39:21 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 192 x 106, 8-bit colormap, non-interlaced\012- data
Size:   1650
Md5:    12eb349e426f594cb2dc2094949a71d5
Sha1:   23b504425cacdc2bc2df941c205800be267ba47e
Sha256: 1bc3f3b9cf9daf7d637a4fe43b6aabcea60b604356465fa16c75af4f563508f0
                                        
                                            GET /wp-content/uploads/liquid-styles/liquid-responsive-100.css?timestamp=1646388773&ver=6.0.2 HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 139
server: Apache
vary: Accept-Encoding
last-modified: Fri, 04 Mar 2022 10:12:53 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   139
Md5:    d9ff4fdce2e0432d38046c8181b208e1
Sha1:   665d819c4bfc8165c3b66d1466f90eb442c671a7
Sha256: c2ef18df1a59c55001ca47a0badbd5f20bd92e51384d9f74345f4da5895947ba
                                        
                                            GET /wp-content/uploads/liquid-styles/liquid-css-global.css?timestamp=1649147577&ver=6.0.2 HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 1091
server: Apache
vary: Accept-Encoding
last-modified: Tue, 05 Apr 2022 08:32:57 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4574), with CRLF, LF line terminators
Size:   1091
Md5:    f6a4854c753c6c713e9e786fcf845222
Sha1:   119ade740f9831af96e17a54792d7945b438652d
Sha256: 4d9ff0527d1aa215cb31580861c07d810f1339e4ab0ae67c7f7922430f666975
                                        
                                            GET /wp-content/plugins/hub-core/assets/css/landinghub-core.min.css?ver=6.0.2 HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 233
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 16:56:19 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (736)
Size:   233
Md5:    8af8248d7ef157e88c3725902b3d8ed8
Sha1:   8c302fce82ee6ee66a5f62b9e3dba2c6867176ab
Sha256: db8c553ff7b09764feec420c58a76b1d523498cc9ab8591fd882d6e0afe48cad

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 4169
server: Apache
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   4169
Md5:    5629711d7fdd5b28441bac39b851299f
Sha1:   4e0bf2b7383097f7c352023a1b1b1b48a50356b6
Sha256: 44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
                                        
                                            GET /wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.1.2 HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 7526
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 13:11:16 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   7526
Md5:    99b4ce14b33b03419e3809847af3fda7
Sha1:   aa0f15bb8b70726fd61c06e61faab08a6c758929
Sha256: 7994c287f4a7d3dfaa71f5eafdec1bd8341955b53b1ae2489772ac36e5f6a825
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 30908
server: Apache
vary: Accept-Encoding
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30908
Md5:    9640915738503451aa21181699feab5b
Sha1:   c053eaf36ef0da96619706b3abda326305063bd6
Sha256: f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-table.css?ver=2.1.2 HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 1731
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 13:11:16 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (401)
Size:   1731
Md5:    8d9b2928b6874e8da430585524784319
Sha1:   e3d99309ac812763f77759e258840f348357b607
Sha256: adfab777821109a22e899673a3688fa30f9cfd2f8bc18aad62bd9fddb5c93a02

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/hub/assets/vendors/liquid-icon/lqd-essentials/lqd-essentials.min.css HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 765
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 11:34:40 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (3158), with no line terminators
Size:   765
Md5:    ae1e0ef6a3aef5532fa71a78968f9ae7
Sha1:   49cca093016d1eb4ae3959b4b951a94ef7cd5e1f
Sha256: f58cefc5a87c61eb8bce172ebf21d2e3e596ccbf63bf650987eaf44dae1e2a5d
                                        
                                            GET /gtag/js?id=UA-159390811-103 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 23 Sep 2022 10:39:21 GMT
expires: Fri, 23 Sep 2022 10:39:21 GMT
cache-control: private, max-age=900
last-modified: Fri, 23 Sep 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42261
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1720)
Size:   42261
Md5:    c2481f45b57f2f7ae798813201241396
Sha1:   825a7232a1cf82df04c9d5cd9d021463370ef0ce
Sha256: ad642732750f810f76210eb0bade40d15057165286118efb3e7184516ffa2d13
                                        
                                            GET /wp-content/plugins/liquid_js_composer/assets/css/js_composer.min.css?ver=6.6.0 HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 40569
server: Apache
vary: Accept-Encoding
last-modified: Thu, 03 Mar 2022 08:18:45 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   40569
Md5:    5f2a9baf25483007d617b31f90501999
Sha1:   65634bcf85aca5a2babcd914fdadfa4b94dc84cb
Sha256: a32a86b6719e900bea59e7b339fbdf57d54924b80253056e40b70c5eefa23414

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/hub-core/shortcodes/header-woo-search/header-woo-search.js?ver=1.0.0 HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 656
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 16:56:18 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   656
Md5:    3bff3876dc6f7560758038da45ce9bec
Sha1:   da1d460e6a13ce6e4f4ab86e3b5472f922c30e29
Sha256: 4ed3b9f6ec0a8524c4699bcb04fdb00357bc7fb434ecc42e21827b17e53ef3a4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/hub/assets/vendors/fresco/css/fresco.css HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 5792
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 11:34:40 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   5792
Md5:    364348532497274e79e5f445baffcdc2
Sha1:   b96f882564d89d5b915236bc8261544ad73e8272
Sha256: 5062be02a19036880c15eef6c91c7967c529c2ca0c77eca6752a52ca44ed69be
                                        
                                            GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.15 HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 12293
server: Apache
vary: Accept-Encoding
last-modified: Thu, 03 Mar 2022 08:18:48 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (12602)
Size:   12293
Md5:    ff57c0b9e50087edbb526daf95a7cf9e
Sha1:   b72bd86e0bfa33358ad3480d1c59b59231a92bcd
Sha256: f0ababac57af3467f9ce7e18ce545a70e952c59eeab3bdd88b148e131b684342

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 2457
server: Apache
vary: Accept-Encoding
last-modified: Tue, 24 May 2022 19:47:35 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6475), with no line terminators
Size:   2457
Md5:    27cbbd0a9d7c5ad9402118c4afc36035
Sha1:   7659d08a005f5ecfa6c779e3cda45c30007fd059
Sha256: ebc771d0af626966e38535357861fab0090e0bd7ff346cbe3c7ffdde1683809f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 7095
server: Apache
vary: Accept-Encoding
last-modified: Tue, 24 May 2022 19:47:35 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Size:   7095
Md5:    2f4fcc5a628b379672d76b7e91cbdf07
Sha1:   9d72f2c9cbc1e9b036360acfce8c8ccc8b832b8c
Sha256: a360f715a418026d2e1acd81c02c83233d0c0b60fdf4ce0b4d33562925d6a0b5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.2 HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 6564
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 11:45:43 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (21905), with no line terminators
Size:   6564
Md5:    38b247e8125da1a0dd504e02d8b6d2b7
Sha1:   2fbec20b65e15f0fa6355281036f00374dc9a1c2
Sha256: 52b2b12cee3c2999c8f2af3664c060144e0f8dba790602846584a1bd42442c82

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/hub-core/extensions/redux-typekit/liquid-typekit.js?ver=6.0.2 HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 46
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 16:56:18 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   46
Md5:    55b04ac73271842b818e1f6898648faf
Sha1:   b8fbcebf9409c280e14cfbe6db8fe093e8e72289
Sha256: b90fb2807fe2a4725b7396d6bf53e88fb4f17e1342c7471ea8d6ffa78b29cfcd
                                        
                                            GET /wp-content/plugins/liquid-gdpr/assets/js/liquid-gdpr.min.js?ver=1.0.0 HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 480
server: Apache
vary: Accept-Encoding
last-modified: Thu, 03 Mar 2022 08:18:46 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1058), with no line terminators
Size:   480
Md5:    1fb41de18d1904f985e2c281e039a997
Sha1:   433a83a0750cccf3487f2c8f0f2496ae3b1623ee
Sha256: 8ccb7fef5657803b3e9463cbca92d8fbd349cc44fb7d392e4f07d88578862e60

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/hub/assets/vendors/gsap/utils/SplitText.min.js HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 5243
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 11:34:40 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15207)
Size:   5243
Md5:    a0b23dd29bb93c9ece0bb87665011c29
Sha1:   57c7177633f81e28b4ceacdd537677a181d04ce9
Sha256: ac1a1792e1b26626098c4ce64105b41020ccadc9c057d6461ea024e2055d104c

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/liquid_js_composer/assets/js/dist/js_composer_front.min.js?ver=6.6.0 HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 5111
server: Apache
vary: Accept-Encoding
last-modified: Thu, 03 Mar 2022 08:18:45 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (16718), with CRLF line terminators
Size:   5111
Md5:    a78295caea475948e4ce5f98e57c4fe9
Sha1:   7666975bdc698bc0c166ae8f253a33159a90015a
Sha256: d5dbeb76edf82c056b357f1571d0f9f275307c1fe7f350677f29702738ca354e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/hub/assets/vendors/fastdom/fastdom.min.js HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 905
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 11:34:40 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2086), with no line terminators
Size:   905
Md5:    fe7f47942f02e36f33c011bc2fc31645
Sha1:   45bce0e4b47a0987d4ae4f1bcae6b0bd795b58b9
Sha256: 6a6e76f2952a5db43bbfa1003de067f46775398fa50f2daebbbe66588cf0f427

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 1834
server: Apache
vary: Accept-Encoding
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5477)
Size:   1834
Md5:    951ae46ca55ec7b0e401e2074bdf8b54
Sha1:   64bbbdc28a351b26cab9c230e134ca8eb4d4f83e
Sha256: fd5d4c623e9d68551114b2a1303584b6792e592e864d4416145904fe8b9edd91
                                        
                                            GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.15 HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 48780
server: Apache
vary: Accept-Encoding
last-modified: Thu, 03 Mar 2022 08:18:48 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (45108)
Size:   48780
Md5:    002803a95f84148b4b1d0ba26c282b2b
Sha1:   6ec77a19dc41f3b26aed3859a477958d7c6a4348
Sha256: f598f55c8842c2d82f2adf5f1bbd5c8baff23d23a90fc8f84dda1dd34acb2d90

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/hub/assets/vendors/bootstrap/js/bootstrap.min.js HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 7268
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 11:34:40 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (27027)
Size:   7268
Md5:    63da1ce2fc636a42d42059f4afcb6928
Sha1:   d3f731213f015531584d367f142faadd0ac4c847
Sha256: 786feeb8f1052282136a374c640864402e7bb704feb4049fa54fd066b5a3037f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/hub/assets/vendors/intersection-observer.js HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 2641
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 11:34:40 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6765)
Size:   2641
Md5:    3b5b72390b2ee4f25583c53ca4cfc91c
Sha1:   28050a0d22ec4d857182fd8c79bcffaaa0236473
Sha256: db670df9389dffa7acc4a05cc3941874204dc4996f14aa2cbb1e06c0dc715e0f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/hub/assets/vendors/fontfaceobserver.js HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 2200
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 11:34:40 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (1031)
Size:   2200
Md5:    6571b1c666b4a16227a30c90297202d2
Sha1:   8f0944bab38c3010140fae08923b594201908447
Sha256: 22e9cfa85e0c34d752c7168a80175f4c37c84fa92ebd95367715c4badddd390f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/hub/assets/vendors/gsap/utils/CustomEase.min.js HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 3685
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 11:34:40 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6803)
Size:   3685
Md5:    329c410adbcf7185503c8b2f4e392d99
Sha1:   87373159e6ad125d9bdcbed58da8c7035dcdf2d3
Sha256: 922a1760a53603d5ba3e5feac4f04f9b7df883a8ee78c4d0f68a88e6044f2536

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/hub/assets/vendors/tinycolor-min.js HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 5250
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 11:34:40 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (14680)
Size:   5250
Md5:    ea1bd89b103c64b117e80cde1e613d41
Sha1:   c21079f78a4ac84069f7460093a2fdbd4857c11c
Sha256: f7195e06dcd1b63834dce57370038add295c84c6b085d47da0237166d50a4fe0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/hub/assets/vendors/lity/lity.min.js HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 2325
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 11:34:40 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5050)
Size:   2325
Md5:    5cba6b34775cb69a78569784caffec07
Sha1:   97ef54279673480a12c614eb340af7fd23ec3712
Sha256: c04a273cb1a612e06a03f228ff7f3edb6880c8a426c3a224572b45483cfcc01b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/hub/assets/js/animated-blob/liquidAnimatedBlob.min.js HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 1578
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 11:34:40 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3723), with no line terminators
Size:   1578
Md5:    f221f74cb6044a3090763b4e30ed242c
Sha1:   de256fde0584ec1b8853573aff6f0fb180f57f90
Sha256: 01c4fa92149dd9c1d2f300a85bf9faf85e9a5cda75971ab1b424e97ead5a342b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/hub/assets/vendors/particles.min.js HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 5946
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 11:34:40 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (22904)
Size:   5946
Md5:    1c32c67cbc7abe93ba54d252b18b08d9
Sha1:   b4cba6b595687b144a4630edd44043a600575514
Sha256: 721287c64cd59a26e60994b492b20703892919b352a0d6d4d4c1c0d1e8b9fca5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/hub/assets/js/draw-shape/liquidDrawShape.min.js HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 521
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 11:34:40 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1032), with no line terminators
Size:   521
Md5:    92eb06214e461207d7beb444dea639c3
Sha1:   c0e428abbc5c160956c2b727f470a7d4b896e10f
Sha256: a0598bdcdaf266f1e1d07d3013821558103158b6eb4bd69586bf63589cc5ef42

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/hub/assets/vendors/gsap/minified/ScrollTrigger.min.js HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 14887
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 11:34:40 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (35477)
Size:   14887
Md5:    e322f917c8abc874722736065f8656f2
Sha1:   b625e569395c6b995ebe3b2898858d60670572bb
Sha256: 2684b33ff689c6959dcacd068a88bc233499dfe3fb6d9ee80e1b4b19cb9d32a9

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/hub/assets/vendors/gsap/minified/DrawSVGPlugin.min.js HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 2114
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 11:34:40 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3882)
Size:   2114
Md5:    604d9015df04ffed30b066d4e5833df5
Sha1:   af8760731366ad224bbe05b72cfb12b23de58107
Sha256: e7e35d34cd721f7602c2da9441b7be6500bf70a56a28157516d991538f67da3e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/hub/assets/vendors/fresco/js/fresco.js HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 16333
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 11:34:40 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (31993)
Size:   16333
Md5:    ff17d0410f61fd875885f5b377235045
Sha1:   5568279f6bcae67d56e25c07c617bd45d218b6a2
Sha256: afb038cbbbe7f4d7e7ec0d26c5e7f430b8932b0938439c98241a420c704aa2e6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 10:39:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/hub/assets/vendors/gsap/minified/gsap.min.js HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 25651
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 11:34:40 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64964)
Size:   25651
Md5:    216db7cb42d02e6b096c9141d632926d
Sha1:   5bac1430612df50d3bc9923f2cf083f5dbff0a23
Sha256: ba784c3f4ad821c9f8f99ae10c13c983072751fc454a32f94daf5328365ccd2a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/hub/assets/vendors/lazyload.min.js HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 3054
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 11:34:40 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8771)
Size:   3054
Md5:    115cda6cfd193d90e0ca5ab01bc93d0e
Sha1:   948473a7d15ccc3aab2dd69bd815f21f297b7014
Sha256: 5300899e25b2eb32b841664013286ccadbf0c54cf86891016768819d6928f306

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/hub/assets/vendors/jquery-ui/jquery-ui.min.js HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
content-length: 29395
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 11:34:40 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65028)
Size:   29395
Md5:    4596db032e9118d684e8562a6d1b7357
Sha1:   7f0abe175b78bf99c9b13ff356a27b1d015ae139
Sha256: cfda799d32bff6d37f066e02616e0de9b318b279ccea9ab914eb907beb0e5a5d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/hub/assets/css/theme-responsive-max.min.css?ver=6.0.2 HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:22 GMT
content-length: 834
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 11:34:40 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:22 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2845), with no line terminators
Size:   834
Md5:    10219455934274790902fe5097bea2a2
Sha1:   30935375328aa83b0eb0f099298bf6b95f8ab194
Sha256: cdc775a489f0517ea2dda1fc88879afc561478e5cd2330785b2f5608eb21881a
                                        
                                            GET /wp-content/uploads/2022/03/cropped-Groupe-211-300x300.png HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 23 Sep 2022 10:39:22 GMT
content-length: 3549
server: Apache
vary: Accept-Encoding
last-modified: Fri, 01 Apr 2022 08:31:57 GMT
accept-ranges: bytes
cache-control: max-age=10368000, public
expires: Sat, 21 Jan 2023 10:39:22 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 300 x 300, 4-bit colormap, non-interlaced\012- data
Size:   3549
Md5:    2c5be51ba924ab19257a6985edf4abc6
Sha1:   0bfc3cf7baf3e80897cd4a3e1dedd6510477fd5c
Sha256: a8d94a5985796c6a97f40166c65a2e15cbcf006ed311b91ca44bb45c7d862751
                                        
                                            GET /wp-content/uploads/2022/03/cropped-Groupe-211-150x150.png HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 23 Sep 2022 10:39:22 GMT
content-length: 1804
server: Apache
vary: Accept-Encoding
last-modified: Fri, 01 Apr 2022 08:31:57 GMT
accept-ranges: bytes
cache-control: max-age=10368000, public
expires: Sat, 21 Jan 2023 10:39:22 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 150 x 150, 8-bit colormap, non-interlaced\012- data
Size:   1804
Md5:    d108e47e99be03db8eceed075a08f9ce
Sha1:   ce2ae6a34e1d0f3398a772ec77e0ab33ee8997e4
Sha256: 8d390409aa1dbb1a36ce2699b6f93a3212b0ca2a8e83ca9f51d4780b4e8c09ee
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 10:39:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/webfont/1.6.16/webfont.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.106
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5480
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 19:13:58 GMT
expires: Sun, 17 Sep 2023 19:13:58 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 487524
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2220)
Size:   5480
Md5:    f72713534a64bf9c9aaee850092e823e
Sha1:   3ab0bb192e219d115b92f5fd590b43698d44d717
Sha256: 044da58d8894bb8f8464c19e34d3f4c454c222618f0c8f98aa705549c0215d97
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 10:39:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /cwd5wcp.js HTTP/1.1 
Host: use.typekit.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         23.36.76.122
HTTP/2 200 OK
content-type: text/javascript;charset=utf-8
                                        
server: nginx
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 6675
date: Fri, 23 Sep 2022 10:39:22 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (2258)
Size:   6675
Md5:    043c5585b498ce40f9a60b9bd48f806b
Sha1:   a426d4ce7d48e7594cb0483dc58095c86cf1a69b
Sha256: 1028c82d0ff04f18e4a595d19d2c0fa164b9342225257a7145dee5bf751057a0
                                        
                                            GET /wp-content/uploads/2022/03/Ligne-3.png HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Cookie: cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-functional=no; cookielawinfo-checkbox-performance=no; cookielawinfo-checkbox-analytics=no; cookielawinfo-checkbox-advertisement=no; cookielawinfo-checkbox-others=no
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 23 Sep 2022 10:39:22 GMT
content-length: 84
server: Apache
vary: Accept-Encoding
last-modified: Fri, 01 Apr 2022 08:31:06 GMT
accept-ranges: bytes
cache-control: max-age=10368000, public
expires: Sat, 21 Jan 2023 10:39:22 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 101, 1-bit colormap, non-interlaced\012- data
Size:   84
Md5:    0e6069501b242136d902cea71111a090
Sha1:   43d41ee1b67fa27e2a944943cac9cd3f1bd89072
Sha256: dff1a1b09e0cf99cbc4de056a661d2e4d66781771ca6a5cce6799f3691333109
                                        
                                            GET /wp-content/themes/hub/assets/css/theme.min.css HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 11:34:40 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   92091
Md5:    83961574ab57e1991d541450fba188b8
Sha1:   5fa00800ea5e783edd784db709d5fb4fd16d43e1
Sha256: 8ef208627edccd563560d26c9cb22c70c70b346bdcd8659ea251100720516c7a
                                        
                                            GET /af/341355/000000000000000077359e98/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1 
Host: use.typekit.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://coupdepouce.bzh
Connection: keep-alive
Referer: https://coupdepouce.bzh/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         23.36.76.122
HTTP/2 200 OK
content-type: application/font-woff2
                                        
server: nginx
content-length: 19492
etag: "31a9ef1f7181193c266ba60d45b5dcfa7d946e2e"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Fri, 23 Sep 2022 10:39:22 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), CFF, length 19492, version 1.0\012- data
Size:   19492
Md5:    f5dee1c59acab830f05a1acf7a1faa40
Sha1:   7e1ea646f089007d5c3e78aea0c7c73a82a20c6d
Sha256: 365d62df2361f71d03c42759a078753c293ef35396d4b86dd46f1bdd311548b3
                                        
                                            GET /af/4a8a65/000000000000000077359e9c/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 HTTP/1.1 
Host: use.typekit.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://coupdepouce.bzh
Connection: keep-alive
Referer: https://coupdepouce.bzh/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         23.36.76.122
HTTP/2 200 OK
content-type: application/font-woff2
                                        
server: nginx
content-length: 19088
etag: "1571544bef2f8837a6aeb1250eb60b01167a7b57"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Fri, 23 Sep 2022 10:39:22 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), CFF, length 19088, version 1.0\012- data
Size:   19088
Md5:    c52b5c6fca3ab064ec75627d8797dedc
Sha1:   d18f7f2da2ea5938b5d858fceb9ed0d4167389cf
Sha256: 1224ffd56d7c369fb81c27866dff663e5956f1ebe6c31d47902e3209e5c4abc9
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://coupdepouce.bzh
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 140714
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /p.gif?s=1&k=cwd5wcp&ht=tk&h=coupdepouce.bzh&f=12102.12103&a=1088800&js=1.21.0&app=typekit&e=js&_=1663929562030 HTTP/1.1 
Host: p.typekit.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         23.36.76.122
HTTP/2 200 OK
content-type: image/gif
                                        
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
etag: "61c32ad2-23"
last-modified: Wed, 22 Dec 2021 13:40:34 GMT
server: nginx
content-length: 35
unused62: 8096267
date: Fri, 23 Sep 2022 10:39:22 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   35
Md5:    81144d75b3e69e9aa2fa3e9d83a64d03
Sha1:   f0fbc60b50edf5b2a0b76e0aa0537b76bf346ffc
Sha256: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 10:39:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/hub/assets/js/theme.min.js HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
server: Apache
vary: Accept-Encoding
last-modified: Tue, 23 Aug 2022 11:34:40 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /css?family=Roboto:400 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 23 Sep 2022 10:39:22 GMT
date: Fri, 23 Sep 2022 10:39:22 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.15 HTTP/1.1 
Host: coupdepouce.bzh
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coupdepouce.bzh/gb_internet_customer_response@manulife.com/1/8/19/2022%2011:32:52%20p.m
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         146.59.209.152
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 23 Sep 2022 10:39:21 GMT
server: Apache
vary: Accept-Encoding
last-modified: Thu, 03 Mar 2022 08:18:48 GMT
accept-ranges: bytes
cache-control: max-age=31536000, public
expires: Sat, 23 Sep 2023 10:39:21 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing