r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b642ec5702fb818c5d1c67168cc68fdb
015146489a8e7fcb4ba0ba74cfe757a072705f93
4846d047a23903856bd113d02639ce7e08a1e40030151d302295b2d12df98ffc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4846D047A23903856BD113D02639CE7E08A1E40030151D302295B2D12DF98FFC"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7107
Expires: Tue, 13 Dec 2022 05:48:19 GMT
Date: Tue, 13 Dec 2022 03:49:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3c0c53379f331e934f61070074d41035
420f6e542cbf741838566f22e475a80e2f600d21
4b7213ec107cdf1c2cd61a124453fb682ec291af0004d071105c87e2fe7528f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B7213EC107CDF1C2CD61A124453FB682EC291AF0004D071105C87E2FE7528F5"
Last-Modified: Mon, 12 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3221
Expires: Tue, 13 Dec 2022 04:43:33 GMT
Date: Tue, 13 Dec 2022 03:49:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 13 Dec 2022 03:08:43 GMT
content-type: application/json
age: 2469
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash dbd022fec0a71226daaf29b7563a8896
c37d14dc7b3849a4bb815fa325fb5e70fae54039
22da5e6e3f9507688fc8cb02183d52cf38f4adf8b2c6c52eaf5f88182471efeb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22DA5E6E3F9507688FC8CB02183D52CF38F4ADF8B2C6C52EAF5F88182471EFEB"
Last-Modified: Sun, 11 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4775
Expires: Tue, 13 Dec 2022 05:09:27 GMT
Date: Tue, 13 Dec 2022 03:49:52 GMT
Connection: keep-alive
zepedalawfirm.com/immigration.html
199.34.228.65301 Moved Permanently 253 B URL HTTP/1.1 zepedalawfirm.com/immigration.html
IP 199.34.228.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 4aebf0a3a0400aaf0541be6b040bb56b
d7d438cac18306162da1c3130da80bd9a8dc4942
e0a705dea32e08196cdc1dfadf2abaf9b07c946f74ef45922367503c5c04ff0c
Analyzer Verdict Alert fortinet Malware
GET /immigration.html HTTP/1.1
Host: zepedalawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Dec 2022 03:49:52 GMT
Server: Apache
Location: http://www.zepedalawfirm.com/immigration.html
Content-Length: 253
Keep-Alive: timeout=10, max=71
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4voUKqWINza7dWl5KiSz3DhlbtQwDwop5hS3EKNDResjIWEcGN70UOnjtSwsIA9M45wtPRrEoNI=
x-amz-request-id: F2AA66W15KMCH5WD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 13 Dec 2022 02:51:44 GMT
age: 3488
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Dec 2022 03:49:52 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 13 Dec 2022 03:07:57 GMT
age: 2516
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.zepedalawfirm.com/immigration.html
199.34.228.65301 Moved Permanently 430 B URL HTTP/1.1 www.zepedalawfirm.com/immigration.html
IP 199.34.228.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fcb27dd4d45fc4871a54ded379d27f16
105c33e9b459648065f7337b58553354e21ec3d9
2aceac74174820c0c44d827342e6bb1525cb79b9b40ac6865279a2dfb4a7d1ac
Analyzer Verdict Alert fortinet Malware
GET /immigration.html HTTP/1.1
Host: www.zepedalawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Dec 2022 03:49:53 GMT
Server: Apache
Set-Cookie: is_mobile=0; path=/; domain=www.zepedalawfirm.com
Vary: X-W-SSL,User-Agent
Location: https://www.zepedalawfirm.com/immigration.html
X-Host: grn27.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 430
Keep-Alive: timeout=10, max=64
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ee19f96e42a0eca99d00c8d91f977c35
3bf8dbf8b8ce6ea7adadf7bb92cae2f9502fbee9
6d8adcb1494bfe2ca73cd6b77eb57b2d08e07b05eb892fea98a1fde0bfb2ea12
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5839
Cache-Control: max-age=111257
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 03:49:53 GMT
Etag: "6396ef2b-1d7"
Expires: Wed, 14 Dec 2022 10:44:10 GMT
Last-Modified: Mon, 12 Dec 2022 09:06:51 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.242.3.166101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.242.3.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Wl4AmckyEBJ2AfH3W3wDTw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: j14Vd+OQSi6/JsSzbXeIx/eE5KE=
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fcc8498b0e26f2458d980eada3788ee0
3bb7b81b24b88fa6ec87ea67087177820130c580
6112b2e30249daaec4e67d73db2b99bfee8d642704558f8b65ac848e64148abd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6112B2E30249DAAEC4E67D73DB2B99BFEE8D642704558F8B65AC848E64148ABD"
Last-Modified: Sun, 11 Dec 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 13 Dec 2022 09:49:53 GMT
Date: Tue, 13 Dec 2022 03:49:53 GMT
Connection: keep-alive
www.zepedalawfirm.com/immigration.html
199.34.228.65200 OK 7.9 kB URL HTTP/1.1 www.zepedalawfirm.com/immigration.html
IP 199.34.228.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2142), with CRLF, LF line terminators
Hash 3824749b2bc88998325a49ef24eb7a7c
d9655c3e1f107167e5f3c49646fd2e317f1ffcd7
d5d880784550ae7beef7a0a783cf2a3e463f2f94a6e8fb718614526f826bb36e
Analyzer Verdict Alert fortinet Malware
GET /immigration.html HTTP/1.1
Host: www.zepedalawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Tue, 13 Dec 2022 03:49:53 GMT
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
Set-Cookie: is_mobile=0; path=/; domain=www.zepedalawfirm.com
language=en; expires=Tue, 27-Dec-2022 03:49:54 GMT; Max-Age=1209600; path=/
Cache-Control: private
ETag: W/"ff9e557971e102409e12290a6a99057e-gzip"
Content-Encoding: gzip
X-Host: grn142.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 7872
Keep-Alive: timeout=10, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1549326559&
151.101.193.46200 OK 33 kB URL HTTP/2 cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1549326559&
IP 151.101.193.46:0
File type ASCII text, with very long lines (65024)
Hash 58a9c1c02a5743ff2107715d041d28b7
619d9394e8b3afce9f9cc066b924ddb5d3265265
98b8090e2292b69bb8ad0ef4082f55458b891130ee6b3d9c6fce5075eec64dbf
GET /js/lang/en/stl.js?buildTime=1549326559& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Mon, 05 Dec 2022 23:37:49 GMT
etag: "638e80cd-2c22a"
expires: Tue, 20 Dec 2022 10:09:39 GMT
cache-control: max-age=1209600
x-host: blu125.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 13 Dec 2022 03:49:54 GMT
age: 582014
x-served-by: cache-sjc10021-SJC, cache-bma1679-BMA
x-cache: HIT, HIT
x-cache-hits: 33, 1
x-timer: S1670903394.286080,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 32800
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/sites.css?buildTime=1549326559
151.101.193.46200 OK 30 kB URL HTTP/2 cdn2.editmysite.com/css/sites.css?buildTime=1549326559
IP 151.101.193.46:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d10158b22b553f723d99dc78eaee6390
80f2d6670cfb0d01cd20c471cf8e3e6465ddd3f6
939c7a8e1ad74a44e0c847e38533e69e36454b6805d25acf3fb0cb5c472d245e
GET /css/sites.css?buildTime=1549326559 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Tue, 29 Nov 2022 20:16:01 GMT
etag: W/"63866881-347ac"
expires: Wed, 14 Dec 2022 08:10:28 GMT
cache-control: max-age=1209600
x-host: grn124.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 13 Dec 2022 03:49:54 GMT
age: 1107565
x-served-by: cache-sjc10048-SJC, cache-bma1679-BMA
x-cache: HIT, HIT
x-cache-hits: 84, 1
x-timer: S1670903394.290410,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 29746
X-Firefox-Spdy: h2
cdn2.editmysite.com/css/old/slideshow/slideshow.css?1549326559
151.101.193.46200 OK 1.5 kB URL HTTP/2 cdn2.editmysite.com/css/old/slideshow/slideshow.css?1549326559
IP 151.101.193.46:0
File type ASCII text, with very long lines (7352)
Hash ba9bbd4df86b5b255f5ef44658e52130
3970cecb6939475f95556c2d32d17de0d1645f32
244b7b062e6e558009c622e46008d5542604b9163315220199a2ac50868ff3e5
GET /css/old/slideshow/slideshow.css?1549326559 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Tue, 29 Nov 2022 20:16:21 GMT
etag: W/"63866895-1cb9"
expires: Wed, 14 Dec 2022 13:54:07 GMT
cache-control: max-age=1209600
x-host: blu9.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 13 Dec 2022 03:49:54 GMT
age: 1086947
x-served-by: cache-sjc10048-SJC, cache-bma1679-BMA
x-cache: HIT, HIT
x-cache-hits: 26, 1
x-timer: S1670903394.292998,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1488
X-Firefox-Spdy: h2
cdn2.editmysite.com/js/site/main.js?buildTime=1549326559
151.101.193.46200 OK 146 kB URL HTTP/2 cdn2.editmysite.com/js/site/main.js?buildTime=1549326559
IP 151.101.193.46:0
File type ASCII text, with very long lines (32147)
Size 146 kB (146400 bytes)
Hash 81b8673c5d3aa3ab8c0574f2a8f0e3b4
2e0661bc7907d9e2703b3347c3fec579f0aef5d6
0e981f4de6287406ce261fddea24aa05ded4b6a8c4c07283c363c1502071cf40
GET /js/site/main.js?buildTime=1549326559 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 20:16:26 GMT
etag: "6386689a-74804"
expires: Thu, 15 Dec 2022 08:38:02 GMT
cache-control: max-age=1209600
x-host: grn121.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 13 Dec 2022 03:49:54 GMT
age: 1019512
x-served-by: cache-sjc10083-SJC, cache-bma1679-BMA
x-cache: HIT, HIT
x-cache-hits: 14, 1
x-timer: S1670903394.287097,VS0,VE8
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 146400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4cfff21eb23d58996d9e27a376974cb5
79c2ffbc0f6594a69eaa643edee1757760fb848e
7916a7a170a38e6b445dadcf83d3fac44305960c6c15f756e0cde0a6a6e90970
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 03:49:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0f3dad0d025c4b6b8abd5d698f00cfbd
3a82ecac8709c7acd620316502a0e774ac3b1170
8d98454c05e1bfb1e534913e69fe76f4b0cb619c02626bcdc163f7be48b1621f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 03:49:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1549318948&
151.101.193.46200 OK 33 kB URL HTTP/2 cdn2.editmysite.com/js/lang/en/stl.js?buildTime=1549318948&
IP 151.101.193.46:0
File type ASCII text, with very long lines (65024)
Hash d8a96093e4ac9525ad79fcfd57d8ef8a
c69965f81400795e52e7795f2befbb62dc84dbeb
260dadf35ac438d5101a0c5ad9f48d631d6e9652e92761af42e81338153831f2
GET /js/lang/en/stl.js?buildTime=1549318948& HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 20:14:49 GMT
etag: "63866839-2c00a"
expires: Thu, 15 Dec 2022 12:14:10 GMT
cache-control: max-age=1209600
x-host: blu74.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 13 Dec 2022 03:49:54 GMT
age: 1006543
x-served-by: cache-sjc10042-SJC, cache-bma1679-BMA
x-cache: HIT, HIT
x-cache-hits: 47, 1
x-timer: S1670903394.287010,VS0,VE8
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 32668
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
142.250.74.170200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (65483)
Hash a54a444f20643b131117dc2112cca05f
074964746b12ff1d30f7656310d6154ae1cc98b5
aa3ca8485dd777d4d880b38c1cf3bc2fc290d28a79ba3e3e43cba1f653132830
GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33593
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 22:01:48 GMT
expires: Wed, 06 Dec 2023 22:01:48 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 539286
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.zepedalawfirm.com/files/main_style.css?1549320163
199.34.228.65200 OK 2.3 kB URL HTTP/1.1 www.zepedalawfirm.com/files/main_style.css?1549320163
IP 199.34.228.65:0
File type ASCII text, with very long lines (368)
Hash d780f430ac96a22c1015c9db12ca3090
2731a5961ccdfa8196eac7c39a931c20da0ac671
387070d8c3c76b567b27088a01c2f719325cb62718a0552a4d3014013cae92c5
Analyzer Verdict Alert fortinet Malware
GET /files/main_style.css?1549320163 HTTP/1.1
Host: www.zepedalawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/immigration.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 03:49:54 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: blu148.sf2p.intern.weebly.net
Content-Encoding: gzip
cdn2.editmysite.com/js/old/slideshow-jq.js?buildTime=1549326559
151.101.193.46200 OK 13 kB URL HTTP/2 cdn2.editmysite.com/js/old/slideshow-jq.js?buildTime=1549326559
IP 151.101.193.46:0
File type ASCII text, with very long lines (32013)
Hash da04d4da36c827437eb064334cf40561
b54b259c2dce4a00e265deddf2ee0941dda6ed40
0064ed54b2f6244cda5252037026ceb744b58067811265aa1a10c3f7cd937b3a
GET /js/old/slideshow-jq.js?buildTime=1549326559 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Tue, 06 Dec 2022 18:44:07 GMT
etag: "638f8d77-9e0b"
expires: Wed, 21 Dec 2022 09:36:53 GMT
cache-control: max-age=1209600
x-host: grn68.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 13 Dec 2022 03:49:54 GMT
age: 497580
x-served-by: cache-sjc10081-SJC, cache-bma1679-BMA
x-cache: HIT, MISS
x-cache-hits: 44, 0
x-timer: S1670903394.283045,VS0,VE167
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 13265
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4cfff21eb23d58996d9e27a376974cb5
79c2ffbc0f6594a69eaa643edee1757760fb848e
7916a7a170a38e6b445dadcf83d3fac44305960c6c15f756e0cde0a6a6e90970
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 03:49:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn2.editmysite.com/css/old/fancybox.css?1549318948
151.101.193.46200 OK 1.2 kB URL HTTP/2 cdn2.editmysite.com/css/old/fancybox.css?1549318948
IP 151.101.193.46:0
File type ASCII text, with very long lines (3910)
Hash b644e92258f4c7c0b4270047652d1e60
93734d52ee9e86a768159e514076051813c39cd9
29199496fb817668f887938571046abcdfb49063d0207d571b361f221f467907
GET /css/old/fancybox.css?1549318948 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css
last-modified: Fri, 09 Dec 2022 14:38:36 GMT
etag: "6393486c-f47"
expires: Mon, 26 Dec 2022 07:42:31 GMT
cache-control: max-age=1209600
x-host: grn25.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 13 Dec 2022 03:49:54 GMT
age: 72442
x-served-by: cache-sjc10045-SJC, cache-bma1679-BMA
x-cache: HIT, MISS
x-cache-hits: 8, 0
x-timer: S1670903394.290806,VS0,VE181
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1218
X-Firefox-Spdy: h2
www.zepedalawfirm.com/files/templateArtifacts.js?1549320163
199.34.228.65200 OK 1.6 kB URL HTTP/1.1 www.zepedalawfirm.com/files/templateArtifacts.js?1549320163
IP 199.34.228.65:0
File type exported SGML document, ASCII text, with very long lines (1630)
Hash e0836e8203c22b8e4086f27e91e86f5a
28235e77f5a895c8cd411aff4a6ef4e6f7d419c2
32dbc4a2eeca39a57d35670f00e2cf59e03c279521e47506c56c5c36d8b664b6
Analyzer Verdict Alert fortinet Malware
GET /files/templateArtifacts.js?1549320163 HTTP/1.1
Host: www.zepedalawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/immigration.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 03:49:54 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Headers: Origin, Authorization, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: *
X-Host: grn141.sf2p.intern.weebly.net
Content-Encoding: gzip
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q3
IP 104.18.20.226:0
Hash fd07ebaf25549b0d6d4f53d39dedc678
56b2a01138ea21364c9c6928d28484f486212499
91c350870eff93fed6661189a7e94c0ff47d244a4bd7175ffcc5d1a81cb3cc56
POST /ca/gsatlasr3dvtlsca2022q3 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 13 Dec 2022 03:49:54 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "27ADBB781238638B3B49C11C48E0105B72873AF9"
Expires: Tue, 13 Dec 2022 15:00:00 UTC
Last-Modified: Tue, 13 Dec 2022 03:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: EXPIRED
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 778bbb870fb50b65-OSL
www.zepedalawfirm.com/uploads/2/2/8/3/22837988/7109847.jpg?160
199.34.228.65200 OK 14 kB URL HTTP/1.1 www.zepedalawfirm.com/uploads/2/2/8/3/22837988/7109847.jpg?160
IP 199.34.228.65:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 159x151, components 3\012- data
Hash ce72bd658a36eb65a944914d32421128
eb90b05bb9e49cf7e304a61743af860c110b3e23
8e71c0fede69731bb8b606db08d25ebae5c7f56a8e631351117b4b3a2c4fbafb
Analyzer Verdict Alert fortinet Malware
GET /uploads/2/2/8/3/22837988/7109847.jpg?160 HTTP/1.1
Host: www.zepedalawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/immigration.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 03:49:54 GMT
Content-Type: image/jpeg
Content-Length: 14398
Connection: keep-alive
Last-Modified: Thu, 14 Nov 2019 06:36:37 GMT
x-rgw-object-type: Normal
ETag: "ce72bd658a36eb65a944914d32421128"
x-amz-request-id: tx0000000000000467169d8-006397f662-c6aed46-sfo1
X-Storage-Bucket: z8e71
X-Storage-Object: 8e71c0fede69731bb8b606db08d25ebae5c7f56a8e631351117b4b3a2c4fbafb
X-Host: grn61.sf2p.intern.weebly.net
Accept-Ranges: bytes
cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1549326559
151.101.193.46200 OK 472 B URL HTTP/2 cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1549326559
IP 151.101.193.46:0
Hash 6d462d3e6bc6168ee30040355f8b96ee
7578100cefe27a95fc25fa11481d78353185a9f0
7371baa9980618773809e1f238fb57f8ec6eef6bdc37d127bead092b7fde990c
GET /js/site/main-customer-accounts-site.js?buildTime=1549326559 HTTP/1.1
Host: cdn2.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
last-modified: Mon, 28 Nov 2022 20:03:55 GMT
etag: "6385142b-8250f"
expires: Tue, 13 Dec 2022 09:30:57 GMT
cache-control: max-age=1209600
x-host: grn119.sf2p.intern.weebly.net
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 13 Dec 2022 03:49:54 GMT
age: 1189137
x-served-by: cache-sjc10022-SJC, cache-bma1679-BMA
x-cache: HIT, HIT
x-cache-hits: 8, 1
x-timer: S1670903394.286171,VS0,VE15
vary: Accept-Encoding
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 158930
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6d462d3e6bc6168ee30040355f8b96ee
7578100cefe27a95fc25fa11481d78353185a9f0
7371baa9980618773809e1f238fb57f8ec6eef6bdc37d127bead092b7fde990c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 03:49:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/rosario/v27/xfux0WDhWW_fOEoY2FP9zQ.woff2
142.250.74.35200 OK 32 kB URL HTTP/2 fonts.gstatic.com/s/rosario/v27/xfux0WDhWW_fOEoY2FP9zQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 32332, version 1.0\012- data
Hash 8ea83423eb421b5c10afec23c4327753
4310fcd99af0f4c2ce00f4b448e61047032aedae
88cd1f5c17d40565f6eff217d07528a0ac35bf441a490ca73ea4ce7246886cea
GET /s/rosario/v27/xfux0WDhWW_fOEoY2FP9zQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.zepedalawfirm.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 14:38:20 GMT
expires: Wed, 06 Dec 2023 14:38:20 GMT
cache-control: public, max-age=31536000
age: 565894
last-modified: Mon, 18 Jul 2022 19:46:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/quattrocento/v17/OZpEg_xvsDZQL_LKIF7q4jP3w2j6.woff2
142.250.74.35200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/quattrocento/v17/OZpEg_xvsDZQL_LKIF7q4jP3w2j6.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 35872, version 1.0\012- data
Hash 62d2afa37918c2d8841c75898eadd68f
d6da38ee9ba1db21b7ee298f0018c2010d5ad882
fe65e8f74381d5afc5a63c298f62b26c4b68531e9e2792e6fa63f4af24842596
GET /s/quattrocento/v17/OZpEg_xvsDZQL_LKIF7q4jP3w2j6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.zepedalawfirm.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:52 GMT
expires: Sat, 09 Dec 2023 13:33:52 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:12:18 GMT
content-type: font/woff2
age: 310562
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 946 B IP 142.250.74.131:0
File type gzip compressed data, max compression\012- data
Hash f1419c607efb6c5b4fa76ace2361ea93
88800f04197c23268eab702781f475e1065d9037
46b13cc7ec0fee668622fab3d38d2e38c1318c273b552a6a4edaea415fc45907
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 03:49:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.zepedalawfirm.com/uploads/2/2/8/3/22837988/background-images/378837242.jpg
199.34.228.65404 Not Found 3.7 kB URL HTTP/1.1 www.zepedalawfirm.com/uploads/2/2/8/3/22837988/background-images/378837242.jpg
IP 199.34.228.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (368)
Hash 2eeb3e560ca8f369be20ceb5858a4701
6c53e6b66c1bc6d0b93116e14fb79c30424bf36c
ac2d9485acf7e9c29d94d31f19d3aedda958cd4f6119ddc888fbbde52d6078dd
GET /uploads/2/2/8/3/22837988/background-images/378837242.jpg HTTP/1.1
Host: www.zepedalawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/immigration.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 13 Dec 2022 03:49:54 GMT
Content-Type: text/html
Content-Length: 3739
Connection: keep-alive
ETag: "630fbfe7-e9b"
X-Host: blu40.sf2p.intern.weebly.net
www.zepedalawfirm.com/files/theme/social-icons.png?1549320163
199.34.228.65200 OK 7.6 kB URL HTTP/1.1 www.zepedalawfirm.com/files/theme/social-icons.png?1549320163
IP 199.34.228.65:0
File type PNG image data, 336 x 29, 8-bit/color RGBA, non-interlaced\012- data
Hash 509096dfbbb8959a0d90ec5c30664785
39f4ea15ef6e016ee98727c6e071f1f62a0f9ff4
321c9df01792ab2f80f171cf3549e04d9e1a1a26c436c2dade7c7bb997f97147
GET /files/theme/social-icons.png?1549320163 HTTP/1.1
Host: www.zepedalawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/files/main_style.css?1549320163
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 03:49:54 GMT
Content-Type: image/png; charset=binary
Content-Length: 7646
Connection: keep-alive
Last-Modified: Sun, 03 May 2020 00:17:43 GMT
x-rgw-object-type: Normal
ETag: "509096dfbbb8959a0d90ec5c30664785"
x-amz-request-id: tx00000000000000da729e6-0061ba651e-a9f41e7-sfo1
X-Storage-Bucket: z321c
X-Storage-Object: 321c9df01792ab2f80f171cf3549e04d9e1a1a26c436c2dade7c7bb997f97147
X-Host: blu62.sf2p.intern.weebly.net
Accept-Ranges: bytes
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8239
Expires: Tue, 13 Dec 2022 06:07:14 GMT
Date: Tue, 13 Dec 2022 03:49:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8239
Expires: Tue, 13 Dec 2022 06:07:14 GMT
Date: Tue, 13 Dec 2022 03:49:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 08f7321e01de2d111fc8100424937061
01ea459fe9270ea25e3cec2228d1cf3cd61d80b8
36ca62b5281e0d5434f0bf6119b2074eb05f5336db3113b5556d2a4273ed2816
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36CA62B5281E0D5434F0BF6119B2074EB05F5336DB3113B5556D2A4273ED2816"
Last-Modified: Mon, 12 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8239
Expires: Tue, 13 Dec 2022 06:07:14 GMT
Date: Tue, 13 Dec 2022 03:49:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc382005-a626-4501-bbc4-dd292a018cd1.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc382005-a626-4501-bbc4-dd292a018cd1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0af3d170e1aabf9c790605c13ca1859b
a4e84853e7f600d113ad5027c5ef240c9aa4756b
4933ac8f5a581588974240bb192ef7d1798b7e67428c98acd454ec0948848b29
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc382005-a626-4501-bbc4-dd292a018cd1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9036
x-amzn-requestid: 24df0710-a186-4d2d-9957-ff0ff45ff945
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dDWfdGQpoAMFqeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63979dfc-6b5ffd0173b00d7b29cc81b6;Sampled=0
x-amzn-remapped-date: Mon, 12 Dec 2022 21:32:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8FPKH3nLXJEpUbHUf_XGNTfbqRd7aG50u-OivbpasSh3O0L1fPFj_Q==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 22:00:36 GMT
age: 20959
etag: "a4e84853e7f600d113ad5027c5ef240c9aa4756b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356ea75b-4385-4813-8fb7-2ade07c6ae3d.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356ea75b-4385-4813-8fb7-2ade07c6ae3d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b01091c95866be383fe4e3b8d29e44c0
7ee779f4766a0d5bc9b9041237f93036dee1ac2d
9866b6c3720fab3ed75937f816353341bb46af941599e59dd13b2c07b7b33cb3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F356ea75b-4385-4813-8fb7-2ade07c6ae3d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6868
x-amzn-requestid: 1c5f94b4-a89c-451b-8fbe-414228dab4f7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dDWf8E5foAMFciQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63979dff-7d8940961dab819015ad675e;Sampled=0
x-amzn-remapped-date: Mon, 12 Dec 2022 21:32:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xsWfoUNi3KvV0M6rlVVo4wPSPwmCY6-qHyvd0yJGQeT5kGtHHWTVbw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 22:01:49 GMT
age: 20886
etag: "7ee779f4766a0d5bc9b9041237f93036dee1ac2d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 690133687ca909986a7ac4e919193bbb
9f36b8f5cd7f540d18318c0b8ca55d40e85ed1d4
d4913048b7f2b341c77a345420a855e6385e00c64ef30f6cf136ad16f6bda771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3319031c-7524-4aba-998b-86a7b8a1132f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6711
x-amzn-requestid: ac93518c-b2e1-4995-9152-11c30c05cc9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c9h4oHmiIAMFXQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639549d0-5180e10e467c4c4c5e7fd1f4;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 03:09:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YHHaFWjmRFuBvcFQ6orltY_4JuQEcHhfyjxHO3-XZduh_hEGfPcPoA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 03:57:59 GMT
age: 85916
etag: "9f36b8f5cd7f540d18318c0b8ca55d40e85ed1d4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2263c6ae-1846-44f1-8b25-471bca417daf.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2263c6ae-1846-44f1-8b25-471bca417daf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8b0477fb90d103e2155bbf7ab47d877
ab668e755bd742b165fa3ba46a4c486c616a7ff6
40e2282cf64da6034f73a2ff0c0d060550caa364244d5bdf282d2f54719d48ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2263c6ae-1846-44f1-8b25-471bca417daf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4703
x-amzn-requestid: 975cb427-5feb-4c36-bcfe-bed0cc9bd3b5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czpW4Hh4IAMFeRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639155c5-63d6d97371f11d6012edae68;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 03:11:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BouIqIrg_vfxBH0weDXiqoEBcSV8_d4qDVB3Er5PeIrZz249iHdqGQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 08:18:10 GMT
age: 70305
etag: "ab668e755bd742b165fa3ba46a4c486c616a7ff6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d2521f8-aba3-4e43-a61f-566b33d81a58.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d2521f8-aba3-4e43-a61f-566b33d81a58.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 61696fbb8743437b191c7141bc43228f
9f3da5618cd81d8b94b89a38860b5ea0e677b181
e299f7842035dfae92b63c388613da806030c9e70f6344dd0c8e9176baa2a671
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d2521f8-aba3-4e43-a61f-566b33d81a58.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7235
x-amzn-requestid: 062761c0-29aa-44d6-9a3f-213766ba615c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctmEtE00oAMF4Cg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eea1d-7f38911c00fdffac25cdf642;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:07:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HHqgpbW7ZHxByKQTHklq6VVOKkidvdpt-XgqeFIHVYXbJ66nhu19yw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 23:15:56 GMT
age: 16439
etag: "9f3da5618cd81d8b94b89a38860b5ea0e677b181"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefb81a20-e06f-4f47-bfa8-916a4837d754.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefb81a20-e06f-4f47-bfa8-916a4837d754.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 703d359edb819eaefc6ccae224bbde15
4b8d7b5ff7cf1333bd0019b2d72cf2aadef6caf8
0452d24052bef979fd13f1a0fefb4c7803ff91c5afa3c871f85b73eb08f15489
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefb81a20-e06f-4f47-bfa8-916a4837d754.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12144
x-amzn-requestid: 0d00ec22-808c-4f60-98b1-87eef4aad829
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c6n0yFORIAMFskA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6394201e-58f1a5c87fc341bf56fa9d68;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 05:58:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sW4dQXExyH6JvbdtSgIPJUiifHh-VfbfcG5hKMaJ4tZA3pO-fobF6w==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 04:10:33 GMT
age: 85162
etag: "4b8d7b5ff7cf1333bd0019b2d72cf2aadef6caf8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.zepedalawfirm.com/files/theme/nav-saperator-current-light.jpg?1549320163
199.34.228.65200 OK 1.3 kB URL HTTP/1.1 www.zepedalawfirm.com/files/theme/nav-saperator-current-light.jpg?1549320163
IP 199.34.228.65:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2x45, components 3\012- data
Hash 42c29463df233af5d12564c4b9be9493
22c23d15b1f675ee24f1d433e267d96ff5161e34
ba4935f55839108b3034cbcb551b647bb487a04e209d517816f63d382be34d73
GET /files/theme/nav-saperator-current-light.jpg?1549320163 HTTP/1.1
Host: www.zepedalawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/files/main_style.css?1549320163
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 03:49:55 GMT
Content-Type: image/jpeg; charset=binary
Content-Length: 1252
Connection: keep-alive
Last-Modified: Sun, 03 May 2020 00:17:42 GMT
x-rgw-object-type: Normal
ETag: "42c29463df233af5d12564c4b9be9493"
x-amz-request-id: tx000000000000023f12740-00635c2fd7-c699baa-sfo1
X-Storage-Bucket: zba49
X-Storage-Object: ba4935f55839108b3034cbcb551b647bb487a04e209d517816f63d382be34d73
X-Host: blu61.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.zepedalawfirm.com/files/theme/nav-bg-current-light.jpg?1549320163
199.34.228.65200 OK 1.4 kB URL HTTP/1.1 www.zepedalawfirm.com/files/theme/nav-bg-current-light.jpg?1549320163
IP 199.34.228.65:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 30x45, components 3\012- data
Hash 35efd0d4d13feca1394301a5167dceba
e1ea3efc3d0f6cfe06a96f602eb9c3a3dba80bfa
650f52174780b6198b3afb32487b6cf7936b8619edd0ccf10815096f9e6e2c59
Analyzer Verdict Alert fortinet Malware
GET /files/theme/nav-bg-current-light.jpg?1549320163 HTTP/1.1
Host: www.zepedalawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/files/main_style.css?1549320163
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 03:49:55 GMT
Content-Type: image/jpeg; charset=binary
Content-Length: 1403
Connection: keep-alive
Last-Modified: Sun, 03 May 2020 00:17:40 GMT
x-rgw-object-type: Normal
ETag: "35efd0d4d13feca1394301a5167dceba"
x-amz-request-id: tx00000000000001aec03ca-0062aac0f1-b9fbc29-sfo1
X-Storage-Bucket: z650f
X-Storage-Object: 650f52174780b6198b3afb32487b6cf7936b8619edd0ccf10815096f9e6e2c59
X-Host: grn14.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.zepedalawfirm.com/files/theme/corners.png?1549320163
199.34.228.65200 OK 996 B URL HTTP/1.1 www.zepedalawfirm.com/files/theme/corners.png?1549320163
IP 199.34.228.65:0
File type PNG image data, 8 x 8, 8-bit/color RGBA, non-interlaced\012- data
Hash 9bfb8cb657765f9ba5d0a0e3e3a47fd0
e227dbbf4031d45f01b1c5a636c8a35810f81d8b
9120932c77c9042c849751690dc41ba730510e9af7cbc2b90b802c6ec88e0c0a
Analyzer Verdict Alert fortinet Malware
GET /files/theme/corners.png?1549320163 HTTP/1.1
Host: www.zepedalawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/files/main_style.css?1549320163
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 03:49:55 GMT
Content-Type: image/png; charset=binary
Content-Length: 996
Connection: keep-alive
Last-Modified: Sun, 03 May 2020 00:17:40 GMT
x-rgw-object-type: Normal
ETag: "9bfb8cb657765f9ba5d0a0e3e3a47fd0"
x-amz-request-id: tx000000000000044d5868c-006394f58f-c67eadd-sfo1
X-Storage-Bucket: z9120
X-Storage-Object: 9120932c77c9042c849751690dc41ba730510e9af7cbc2b90b802c6ec88e0c0a
X-Host: grn73.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.zepedalawfirm.com/files/theme/button.png?1549320163
199.34.228.65200 OK 7.3 kB URL HTTP/1.1 www.zepedalawfirm.com/files/theme/button.png?1549320163
IP 199.34.228.65:0
File type PNG image data, 500 x 228, 8-bit/color RGBA, non-interlaced\012- data
Hash 12c692b0e68aac7dd5447ab68db321c5
82619856de28877adab6976cc9f60bb7503a6acd
7262ccbcd3ca0a08d46a87f7dbcf73b52047be07cb375b98df31642bdee77b7a
GET /files/theme/button.png?1549320163 HTTP/1.1
Host: www.zepedalawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/files/main_style.css?1549320163
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 03:49:55 GMT
Content-Type: image/png; charset=binary
Content-Length: 7282
Connection: keep-alive
Last-Modified: Sun, 03 May 2020 00:17:39 GMT
x-rgw-object-type: Normal
ETag: "12c692b0e68aac7dd5447ab68db321c5"
x-amz-request-id: tx0000000000000081c7ee1-0061b14729-a9f41e7-sfo1
X-Storage-Bucket: z7262
X-Storage-Object: 7262ccbcd3ca0a08d46a87f7dbcf73b52047be07cb375b98df31642bdee77b7a
X-Host: grn77.sf2p.intern.weebly.net
Accept-Ranges: bytes
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash bf7ba375a92ed3f55e322723d6e42688
2485c48015d1ff0dcead0dadea7eb907ba6773ea
01e93d7389e33669da81f17469b0b5a4198207cbc7771493621a5711eb91b324
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 13 Dec 2022 03:49:55 GMT
Last-Modified: Tue, 13 Dec 2022 03:23:00 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: KSwzIIy-3dFztXZCncePPOCKgplfHNZp3YOyXw0Fe8brD_6wjdjVGA==
Age: 1615
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash bf7ba375a92ed3f55e322723d6e42688
2485c48015d1ff0dcead0dadea7eb907ba6773ea
01e93d7389e33669da81f17469b0b5a4198207cbc7771493621a5711eb91b324
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=141556
Date: Tue, 13 Dec 2022 03:49:55 GMT
Etag: "63976825-1d7"
Expires: Wed, 14 Dec 2022 19:09:11 GMT
Last-Modified: Mon, 12 Dec 2022 17:43:01 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 58rEiN0aKGp5CPY9uC0bMIdhyKueUYVDAA5l-z0tJFkpGeuXbxwOmQ==
Age: 5170
www.zepedalawfirm.com/files/theme/nav-bg-light.jpg?1549320163
199.34.228.65200 OK 1.3 kB URL HTTP/1.1 www.zepedalawfirm.com/files/theme/nav-bg-light.jpg?1549320163
IP 199.34.228.65:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 30x45, components 3\012- data
Hash d4ddabca61f0c44928a69625931c3508
cf1054b74d23fd9ff6a53af78318b0cd5ea490e1
5a60fdcd631baba9a887b8528bd6e031305290aa300d5e5448cac22c105487ec
GET /files/theme/nav-bg-light.jpg?1549320163 HTTP/1.1
Host: www.zepedalawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/files/main_style.css?1549320163
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 03:49:55 GMT
Content-Type: image/jpeg; charset=binary
Content-Length: 1329
Connection: keep-alive
Last-Modified: Sun, 03 May 2020 00:17:41 GMT
x-rgw-object-type: Normal
ETag: "d4ddabca61f0c44928a69625931c3508"
x-amz-request-id: tx00000000000003549821d-006313ef49-bfe36ba-sfo1
X-Storage-Bucket: z5a60
X-Storage-Object: 5a60fdcd631baba9a887b8528bd6e031305290aa300d5e5448cac22c105487ec
X-Host: grn72.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.zepedalawfirm.com/files/theme/nav-saperator-light.jpg?1549320163
199.34.228.65200 OK 1.2 kB URL HTTP/1.1 www.zepedalawfirm.com/files/theme/nav-saperator-light.jpg?1549320163
IP 199.34.228.65:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2x45, components 3\012- data
Hash 64711fe311ff7aba6791b6d394c65c44
cef16e21c769b6f042a14d231a26e6e386242d60
ffbcfce943bb665b5c6016b179e2d4e88b9baadfceb77c84e8b9eb6e13fe5087
Analyzer Verdict Alert fortinet Malware
GET /files/theme/nav-saperator-light.jpg?1549320163 HTTP/1.1
Host: www.zepedalawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/files/main_style.css?1549320163
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 03:49:55 GMT
Content-Type: image/jpeg; charset=binary
Content-Length: 1238
Connection: keep-alive
Last-Modified: Sun, 03 May 2020 00:17:42 GMT
x-rgw-object-type: Normal
ETag: "64711fe311ff7aba6791b6d394c65c44"
x-amz-request-id: tx00000000000003b9186f2-0063852489-c67eadd-sfo1
X-Storage-Bucket: zffbc
X-Storage-Object: ffbcfce943bb665b5c6016b179e2d4e88b9baadfceb77c84e8b9eb6e13fe5087
X-Host: grn82.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.zepedalawfirm.com/files/theme/button_large_highlight.png?1549320163
199.34.228.65200 OK 8.2 kB URL HTTP/1.1 www.zepedalawfirm.com/files/theme/button_large_highlight.png?1549320163
IP 199.34.228.65:0
File type PNG image data, 500 x 270, 8-bit/color RGBA, non-interlaced\012- data
Hash e6ddb5224dd05fe1255d10bcf81fd364
628a3c4275df37a63e3c9aefb5468834517b1e96
0f085ffceefd077c6a450c4beae01cc62b5c207de4d8913485147614b026438c
Analyzer Verdict Alert fortinet Malware
GET /files/theme/button_large_highlight.png?1549320163 HTTP/1.1
Host: www.zepedalawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/files/main_style.css?1549320163
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 03:49:55 GMT
Content-Type: image/png; charset=binary
Content-Length: 8181
Connection: keep-alive
Last-Modified: Sun, 03 May 2020 00:17:39 GMT
x-rgw-object-type: Normal
ETag: "e6ddb5224dd05fe1255d10bcf81fd364"
x-amz-request-id: tx000000000000020142d21-0062f4345b-c033918-sfo1
X-Storage-Bucket: z0f08
X-Storage-Object: 0f085ffceefd077c6a450c4beae01cc62b5c207de4d8913485147614b026438c
X-Host: blu61.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.zepedalawfirm.com/files/theme/search-button.png?1549320163
199.34.228.65200 OK 2.1 kB URL HTTP/1.1 www.zepedalawfirm.com/files/theme/search-button.png?1549320163
IP 199.34.228.65:0
File type PNG image data, 33 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash 294a38867b268184cd8a7532379a48a1
add1bb60d909c2ca910470ca31d8807535ad6d5c
d55102feb442a4ad04ae617dd3c1461fc126b29e7110cd83cedebeeb1120b06e
Analyzer Verdict Alert fortinet Malware
GET /files/theme/search-button.png?1549320163 HTTP/1.1
Host: www.zepedalawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/files/main_style.css?1549320163
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 03:49:55 GMT
Content-Type: image/png; charset=binary
Content-Length: 2120
Connection: keep-alive
Last-Modified: Sun, 03 May 2020 00:17:43 GMT
x-rgw-object-type: Normal
ETag: "294a38867b268184cd8a7532379a48a1"
x-amz-request-id: tx00000000000003a7efcbb-00631bbf4e-c0351b0-sfo1
X-Storage-Bucket: zd551
X-Storage-Object: d55102feb442a4ad04ae617dd3c1461fc126b29e7110cd83cedebeeb1120b06e
X-Host: blu135.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.zepedalawfirm.com/uploads/2/2/8/3/22837988/published/6620009.jpg
199.34.228.65200 OK 8.8 kB URL HTTP/1.1 www.zepedalawfirm.com/uploads/2/2/8/3/22837988/published/6620009.jpg
IP 199.34.228.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3\012- data
Hash 9eb7b2cadd9b610e19869fa977de15e3
cbdaffec30265e4eb87bccd227ad2186f75d5fe2
f45777fa7086b6a9d38de2026c2e53ee58a7a52f22f0bdca003ed36989bd97e6
GET /uploads/2/2/8/3/22837988/published/6620009.jpg HTTP/1.1
Host: www.zepedalawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/immigration.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 03:49:55 GMT
Content-Type: image/jpeg
Content-Length: 8814
Connection: keep-alive
Last-Modified: Mon, 04 Feb 2019 21:08:29 GMT
x-rgw-object-type: Normal
ETag: "9eb7b2cadd9b610e19869fa977de15e3"
x-amz-request-id: tx0000000000000410be009-00638d2e6a-c696eea-sfo1
X-Storage-Bucket: zf457
X-Storage-Object: f45777fa7086b6a9d38de2026c2e53ee58a7a52f22f0bdca003ed36989bd97e6
X-Host: grn14.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.zepedalawfirm.com/uploads/2/2/8/3/22837988/published/8138734.jpg
199.34.228.65200 OK 8.3 kB URL HTTP/1.1 www.zepedalawfirm.com/uploads/2/2/8/3/22837988/published/8138734.jpg
IP 199.34.228.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 284x177, components 3\012- data
Hash 3e5c1a94707081f9ac908632d528e948
1fde5eadf791fa70c377a8dc5f0a114f5397594e
e1ac94cdb8d55dc57616edd0ac40228b9b1c3c51d5ff2dc35de4f9fb9c7e6ce4
GET /uploads/2/2/8/3/22837988/published/8138734.jpg HTTP/1.1
Host: www.zepedalawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/immigration.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 03:49:55 GMT
Content-Type: image/jpeg
Content-Length: 8302
Connection: keep-alive
Last-Modified: Mon, 04 Feb 2019 21:08:29 GMT
x-rgw-object-type: Normal
ETag: "3e5c1a94707081f9ac908632d528e948"
x-amz-request-id: tx0000000000000467bd05f-006397c24d-c67eadd-sfo1
X-Storage-Bucket: ze1ac
X-Storage-Object: e1ac94cdb8d55dc57616edd0ac40228b9b1c3c51d5ff2dc35de4f9fb9c7e6ce4
X-Host: grn132.sf2p.intern.weebly.net
Accept-Ranges: bytes
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
52.32.213.25200 OK 0 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 52.32.213.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.zepedalawfirm.com/
Origin: https://www.zepedalawfirm.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Dec 2022 03:49:55 GMT
content-length: 0
server: nginx
access-control-allow-origin: https://www.zepedalawfirm.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 600
X-Firefox-Spdy: h2
www.zepedalawfirm.com/uploads/2/2/8/3/22837988/published/imagesca3kdd6q.jpg
199.34.228.65200 OK 12 kB URL HTTP/1.1 www.zepedalawfirm.com/uploads/2/2/8/3/22837988/published/imagesca3kdd6q.jpg
IP 199.34.228.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 266x190, components 3\012- data
Hash ebe59257c9a7549c6c10bf01bba80c72
3dfe76012e99becd85aed06ea1c5848908442571
ce73a56642bb6635e93e94c315c7fc35425d54ba8bec6d8499f1cb8ff55c8c8f
GET /uploads/2/2/8/3/22837988/published/imagesca3kdd6q.jpg HTTP/1.1
Host: www.zepedalawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/immigration.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 03:49:55 GMT
Content-Type: image/jpeg
Content-Length: 11677
Connection: keep-alive
Last-Modified: Mon, 04 Feb 2019 20:59:53 GMT
x-rgw-object-type: Normal
ETag: "ebe59257c9a7549c6c10bf01bba80c72"
x-amz-request-id: tx000000000000047443b36-006397a479-c699baa-sfo1
X-Storage-Bucket: zce73
X-Storage-Object: ce73a56642bb6635e93e94c315c7fc35425d54ba8bec6d8499f1cb8ff55c8c8f
X-Host: blu149.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.zepedalawfirm.com/uploads/2/2/8/3/22837988/published/large-gray-and-white.jpg
199.34.228.65200 OK 9.5 kB URL HTTP/1.1 www.zepedalawfirm.com/uploads/2/2/8/3/22837988/published/large-gray-and-white.jpg
IP 199.34.228.65:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 480x244, components 3\012- data
Hash a3d921a6c29117d24916db665937d470
59243a697dc9639210763d8da8093baf517a0fb4
79d6ef83d4866e34ecd5030294a2cbd923f73eb7d8b10aa2202e04627fb8d323
GET /uploads/2/2/8/3/22837988/published/large-gray-and-white.jpg HTTP/1.1
Host: www.zepedalawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/immigration.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 03:49:55 GMT
Content-Type: image/jpeg
Content-Length: 9453
Connection: keep-alive
Last-Modified: Mon, 04 Feb 2019 21:01:14 GMT
x-rgw-object-type: Normal
ETag: "a3d921a6c29117d24916db665937d470"
x-amz-request-id: tx000000000000047c8e32b-006397f663-c695612-sfo1
X-Storage-Bucket: z79d6
X-Storage-Object: 79d6ef83d4866e34ecd5030294a2cbd923f73eb7d8b10aa2202e04627fb8d323
X-Host: blu49.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.zepedalawfirm.com/files/theme/search-text.png?1549320163
199.34.228.65200 OK 3.6 kB URL HTTP/1.1 www.zepedalawfirm.com/files/theme/search-text.png?1549320163
IP 199.34.228.65:0
File type PNG image data, 174 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash 99aad15300538264ab34f322f2ff0a78
625b24d45a5b2a41b32f268266e1fb8dadaddc81
e913eec1c945141dc25fc50c708bea790d519624579ae1c2698d119e67e73c91
Analyzer Verdict Alert fortinet Malware
GET /files/theme/search-text.png?1549320163 HTTP/1.1
Host: www.zepedalawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/files/main_style.css?1549320163
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 03:49:55 GMT
Content-Type: image/png; charset=binary
Content-Length: 3594
Connection: keep-alive
Last-Modified: Sun, 03 May 2020 00:17:43 GMT
x-rgw-object-type: Normal
ETag: "99aad15300538264ab34f322f2ff0a78"
x-amz-request-id: tx0000000000000021afcc6-0061a82197-a9f3e81-sfo1
X-Storage-Bucket: ze913
X-Storage-Object: e913eec1c945141dc25fc50c708bea790d519624579ae1c2698d119e67e73c91
X-Host: blu40.sf2p.intern.weebly.net
Accept-Ranges: bytes
ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
52.32.213.25200 OK 2 B URL HTTP/2 ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
IP 52.32.213.25:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /com.snowplowanalytics.snowplow/tp2 HTTP/1.1
Host: ec.editmysite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
Content-Length: 1807
Origin: https://www.zepedalawfirm.com
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 13 Dec 2022 03:49:55 GMT
content-type: text/plain; charset=UTF-8
content-length: 2
server: nginx
set-cookie: sp=ea44c4fd-7f54-4f30-94c9-a300cc872197; Expires=Wed, 13 Dec 2023 03:49:55 GMT; Domain=; Path=/; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://www.zepedalawfirm.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
www.zepedalawfirm.com/uploads/2/2/8/3/22837988/published/yadira-photo.png?1549314304
199.34.228.65200 OK 36 kB URL HTTP/1.1 www.zepedalawfirm.com/uploads/2/2/8/3/22837988/published/yadira-photo.png?1549314304
IP 199.34.228.65:0
File type PNG image data, 248 x 156, 8-bit/color RGBA, non-interlaced\012- data
Hash 813ce20787a3bfbbd6279b929bc69586
149c3fb9fe39e2a00d8e07fe1479cf4c5b644388
d44f2d02b93016ee5ea33828cde80a4bd0fee79a5dc6e6a5a0213be2b77d0337
Analyzer Verdict Alert fortinet Malware
GET /uploads/2/2/8/3/22837988/published/yadira-photo.png?1549314304 HTTP/1.1
Host: www.zepedalawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/immigration.html
Cookie: is_mobile=0; language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 03:49:55 GMT
Content-Type: image/png
Content-Length: 35722
Connection: keep-alive
Last-Modified: Mon, 04 Feb 2019 21:05:03 GMT
x-rgw-object-type: Normal
ETag: "813ce20787a3bfbbd6279b929bc69586"
x-amz-request-id: tx000000000000046dd7de0-0063972190-c699baa-sfo1
X-Storage-Bucket: zd44f
X-Storage-Object: d44f2d02b93016ee5ea33828cde80a4bd0fee79a5dc6e6a5a0213be2b77d0337
X-Host: grn61.sf2p.intern.weebly.net
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a33409f980e81b54f660035dd9c14cfb
8399645bbd14b6a968328c6552b837e3368948a3
9cf6b1845f29636c04e711a6bf1e7937773c6c4522e2ba66dd6c43bfef34b33b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 03:49:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssl.google-analytics.com/ga.js
142.250.74.168200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 142.250.74.168:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Tue, 13 Dec 2022 02:41:41 GMT
expires: Tue, 13 Dec 2022 04:41:41 GMT
cache-control: public, max-age=7200
age: 4094
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a33409f980e81b54f660035dd9c14cfb
8399645bbd14b6a968328c6552b837e3368948a3
9cf6b1845f29636c04e711a6bf1e7937773c6c4522e2ba66dd6c43bfef34b33b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Dec 2022 03:49:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.zepedalawfirm.com/favicon.ico
199.34.228.65200 OK 4.3 kB URL HTTP/1.1 www.zepedalawfirm.com/favicon.ico
IP 199.34.228.65:0
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 4d27526198ac873ccec96935198e0fb9
b98d8b73ad6a0f7477c3397561b4aab37bf262aa
40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
GET /favicon.ico HTTP/1.1
Host: www.zepedalawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/immigration.html
Cookie: is_mobile=0; language=en; _snow_ses.464e=*; _snow_id.464e=d68bed13-fc72-4a85-a579-40dcef788fd1.1670903393.1.1670903393.1670903393.9fb29a61-fe27-4b9e-a8f1-990c925defdc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 13 Dec 2022 03:49:56 GMT
Content-Type: image/x-icon
Content-Length: 4286
Connection: keep-alive
Last-Modified: Fri, 24 Sep 2021 21:48:12 GMT
x-rgw-object-type: Normal
ETag: "4d27526198ac873ccec96935198e0fb9"
x-amz-request-id: tx000000000000000b777f6-0061a70451-a9f4046-sfo1
X-Storage-Bucket: z40a2
X-Storage-Object: 40a2146151863bcf46c786d596e81a308d1b0d26d74635be441e92656f29b1b4
X-Host: blu68.sf2p.intern.weebly.net
Accept-Ranges: bytes
www.zepedalawfirm.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
199.34.228.65200 OK 348 B URL HTTP/1.1 www.zepedalawfirm.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
IP 199.34.228.65:0
File type JSON data\012- , ASCII text, with very long lines (348), with no line terminators
Hash a944dd688c99d2901d6719be713271c0
4f5454d5d434829baf46671638610791758725d9
adb97e1bc686c58b4286f1208d2bd969687c6cf3e2fc468697dfd956d260de49
POST /ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails] HTTP/1.1
Host: www.zepedalawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 83
Origin: https://www.zepedalawfirm.com
Connection: keep-alive
Referer: https://www.zepedalawfirm.com/immigration.html
Cookie: is_mobile=0; language=en; _snow_ses.464e=*; _snow_id.464e=d68bed13-fc72-4a85-a579-40dcef788fd1.1670903393.1.1670903393.1670903393.9fb29a61-fe27-4b9e-a8f1-990c925defdc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Dec 2022 03:49:56 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn44.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1
Content-Length: 348
Keep-Alive: timeout=10, max=71
Connection: Keep-Alive
Content-Type: application/json