ocsp2.globalsign.com/gsorganizationvalsha2g3
104.18.21.226 1.5 kB URL ocsp2.globalsign.com/gsorganizationvalsha2g3
IP 104.18.21.226:0
Hash eb05e06895e6232d8c281c5ecad0c17f
3d287596c8738a0a1b797f5da54ed9c81d185f85
f3dc5ddfc58999388a0aefd7e318e4837677c152b50a38d24a3556442bd1b7fd
POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 12 Aug 2023 23:24:39 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Wed, 16 Aug 2023 23:16:43 GMT
ETag: "3d287596c8738a0a1b797f5da54ed9c81d185f85"
Last-Modified: Sat, 12 Aug 2023 23:16:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7f5c79192b5a0b31-OSL
winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/morin-law.html
43.135.205.15200 OK 8.0 kB URL User Request GET HTTP/1.1 winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/morin-law.html
IP 43.135.205.15:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Certificate IssuerGlobalSign nv-sa
Subject*.cos.sa-saopaulo.myqcloud.com
Fingerprint14:BA:22:2E:FB:E3:4A:4C:F2:C0:4D:65:3A:9D:C1:57:CD:5F:93:8D
ValidityFri, 03 Mar 2023 09:01:11 GMT - Wed, 03 Apr 2024 09:01:10 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7021), with CRLF line terminators
Hash 985835fcc46ad4f979362ad5fbcd449f
a9c0c7b73884338c365268cdd26e0057472261bf
b4bda8082228a65dbc9c0a434b08c6bfb5c5107952f072dea782c48a0bd8f9bc
Analyzer Verdict Alert OpenPhish phishing Office365
PhishTank phishing Other
GET /morin-law.html HTTP/1.1
Host: winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 7982
Connection: keep-alive
Accept-Ranges: bytes
Date: Sat, 12 Aug 2023 23:24:39 GMT
ETag: "985835fcc46ad4f979362ad5fbcd449f"
Last-Modified: Thu, 22 Jun 2023 17:14:56 GMT
Server: tencent-cos
x-cos-hash-crc64ecma: 16627395014597632364
x-cos-request-id: NjRkODE0YjdfNjQ0YzU5MGJfZDNlNV80NmFjZTU=
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
104.17.24.14200 OK 6.2 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
IP 104.17.24.14:443
Requested by https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/morin-law.html
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (19015)
Hash 70d3fda195602fe8b75e0097eed74dde
c3b977aa4b8dfb69d651e07015031d385ded964b
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
GET /ajax/libs/popper.js/1.12.9/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com
DNT: 1
Connection: keep-alive
Referer: https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 12 Aug 2023 23:24:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 6157
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4af4"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 9262576
expires: Thu, 01 Aug 2024 23:24:40 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ixE4y5Qq8%2FyfE6tJeuGVXSMnop9zTferFlFa3lc1eiF8tJ95OMnG6vG3VfXp%2FK35WUx%2BsJWrbjozJZhK0QYXCVb27JoxqmmWr5gXZSMlC%2FHeEtqozizUryr9sANdP6TYVTNBWxfN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7f5c791f8e2b1bfe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.1.1.min.js
69.16.175.42200 OK 30 kB URL GET HTTP/2 code.jquery.com/jquery-3.1.1.min.js
IP 69.16.175.42:443
Requested by https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/morin-law.html
Certificate IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (32030)
Hash e071abda8fe61194711cfc2ab99fe104
f647a6d37dc4ca055ced3cf64bbc1f490070acba
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
GET /jquery-3.1.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 12 Aug 2023 23:24:40 GMT
content-encoding: gzip
content-length: 30070
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-152b5"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1691882680.dop205.sk1.t,1691882680.cds220.sk1.hn,1691882680.cds010.sk1.c
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.3.1.js
69.16.175.42200 OK 80 kB URL GET HTTP/2 code.jquery.com/jquery-3.3.1.js
IP 69.16.175.42:443
Requested by https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/morin-law.html
Certificate IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
Hash 6a07da9fae934baf3f749e876bbfdd96
46a436eba01c79acdb225757ed80bf54bad6416b
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad
GET /jquery-3.3.1.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com
DNT: 1
Connection: keep-alive
Referer: https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 12 Aug 2023 23:24:40 GMT
content-encoding: gzip
content-length: 80268
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
accept-ranges: bytes
server: nginx
etag: W/"28feccc0-42587"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1691882680.dop201.sk1.t,1691882680.cds012.sk1.hn,1691882680.cds214.sk1.c
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.2.1.slim.min.js
69.16.175.42200 OK 24 kB URL GET HTTP/2 code.jquery.com/jquery-3.2.1.slim.min.js
IP 69.16.175.42:443
Requested by https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/morin-law.html
Certificate IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (32012)
Hash 5f48fc77cac90c4778fa24ec9c57f37d
9e89d1515bc4c371b86f4cb1002fd8e377c1829f
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com
DNT: 1
Connection: keep-alive
Referer: https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 12 Aug 2023 23:24:40 GMT
content-encoding: gzip
content-length: 23856
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-10fdd"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1691882680.dop201.sk1.t,1691882680.cds012.sk1.hn,1691882680.cds253.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 14d3c2e8d9f53b25492999b17379e1ed
8900d1e09f3893561f3029527452dfe8c919261a
c6649b0c59d374e874bebe5a1f7d60507e7120ccd8996f1a59a0b7f043f61c0c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Aug 2023 23:24:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 14d3c2e8d9f53b25492999b17379e1ed
8900d1e09f3893561f3029527452dfe8c919261a
c6649b0c59d374e874bebe5a1f7d60507e7120ccd8996f1a59a0b7f043f61c0c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Aug 2023 23:24:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
172.217.21.170200 OK 30 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP 172.217.21.170:443
Requested by https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/morin-law.html
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintC1:FC:47:2F:E4:8D:DA:F2:E6:C0:AB:89:40:FB:3F:E4:E0:C5:04:42
ValidityMon, 17 Jul 2023 08:21:35 GMT - Mon, 09 Oct 2023 08:21:34 GMT
File type ASCII text, with very long lines (32065)
Hash 2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Aug 2023 15:42:10 GMT
expires: Sun, 11 Aug 2024 15:42:10 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 27750
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 14d3c2e8d9f53b25492999b17379e1ed
8900d1e09f3893561f3029527452dfe8c919261a
c6649b0c59d374e874bebe5a1f7d60507e7120ccd8996f1a59a0b7f043f61c0c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Aug 2023 23:24:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 14d3c2e8d9f53b25492999b17379e1ed
8900d1e09f3893561f3029527452dfe8c919261a
c6649b0c59d374e874bebe5a1f7d60507e7120ccd8996f1a59a0b7f043f61c0c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Aug 2023 23:24:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
172.217.21.170200 OK 30 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP 172.217.21.170:443
Requested by https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/morin-law.html
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintC1:FC:47:2F:E4:8D:DA:F2:E6:C0:AB:89:40:FB:3F:E4:E0:C5:04:42
ValidityMon, 17 Jul 2023 08:21:35 GMT - Mon, 09 Oct 2023 08:21:34 GMT
File type ASCII text, with very long lines (32065)
Hash 2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Aug 2023 15:42:10 GMT
expires: Sun, 11 Aug 2024 15:42:10 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 27750
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp2.globalsign.com/gsorganizationvalsha2g3
104.18.21.226 1.5 kB URL ocsp2.globalsign.com/gsorganizationvalsha2g3
IP 104.18.21.226:0
Hash b5eb6a6514543f60437a6486a5af1845
9364d32ec04e313d85c65fbab4890560a6c586ea
304e162cc6259e68e2ed9b95200ec739219740ee240e1fc8c2f4a53034a23b35
POST /gsorganizationvalsha2g3 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 12 Aug 2023 23:24:41 GMT
Content-Type: application/ocsp-response
Content-Length: 1461
Connection: keep-alive
Expires: Wed, 16 Aug 2023 22:50:21 GMT
ETag: "9364d32ec04e313d85c65fbab4890560a6c586ea"
Last-Modified: Sat, 12 Aug 2023 22:50:22 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7f5c79273c090b31-OSL
c.s-microsoft.com/favicon.ico?v2
23.38.201.156200 OK 17 kB URL GET HTTP/2 c.s-microsoft.com/favicon.ico?v2
IP 23.38.201.156:443
Requested by https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/morin-law.html
Certificate IssuerMicrosoft Corporation
Subjectwww.microsoft.com
Fingerprint2D:6E:2A:E5:B3:6F:22:07:6A:19:7D:50:00:9D:EE:66:39:6A:A9:9C
ValidityTue, 04 Oct 2022 23:23:11 GMT - Fri, 29 Sep 2023 23:23:11 GMT
File type MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data
Hash 12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
GET /favicon.ico?v2 HTTP/1.1
Host: c.s-microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 17174
content-type: image/x-icon
last-modified: Thu, 15 Jun 2023 21:41:24 GMT
accept-ranges: bytes
etag: "1D99FD2219C9A00"
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
x-sitemuse-origin: Azure
x-azure-ref: 0VMuRZAAAAAA8cxOtMVNmQYJLHxTwIOHYQlJVMzBFREdFMTAxMwAxYjJiMjJjMS1jYjBjLTQ5NTAtODg3OS1kMjEyZjJhYzVhNGI=
cache-control: public, max-age=353155
expires: Thu, 17 Aug 2023 01:30:37 GMT
date: Sat, 12 Aug 2023 23:24:42 GMT
access-control-allow-methods: GET,POST
access-control-allow-origin: *
X-Firefox-Spdy: h2
titleclosingagents000-1318233580.cos.na-toronto.myqcloud.com/bootstrap/4.1.3/js/bootstrapp.min.js
49.51.54.104200 OK 1.1 MB URL GET HTTP/1.1 titleclosingagents000-1318233580.cos.na-toronto.myqcloud.com/bootstrap/4.1.3/js/bootstrapp.min.js
IP 49.51.54.104:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/morin-law.html
Certificate IssuerGlobalSign nv-sa
Subject*.cos.na-toronto.myqcloud.com
Fingerprint35:FE:CD:A6:0E:ED:28:0B:E5:8E:50:19:E7:C1:9C:13:37:4D:53:F0
ValidityMon, 27 Feb 2023 02:45:55 GMT - Sat, 30 Mar 2024 02:45:54 GMT
File type ASCII text, with very long lines (65460), with CRLF line terminators
Size 1.1 MB (1121733 bytes)
Hash 04dcf08d10891b77da95ecb52f3524ab
14d491ad6467177bc1540f3bb7f122bab40c0331
daa7e7e40cafadb6d436a9d6a65d63436af53bd40e79b8870dade217b8a58146
GET /bootstrap/4.1.3/js/bootstrapp.min.js HTTP/1.1
Host: titleclosingagents000-1318233580.cos.na-toronto.myqcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 1121733
Connection: keep-alive
Accept-Ranges: bytes
Date: Sat, 12 Aug 2023 23:24:41 GMT
ETag: "04dcf08d10891b77da95ecb52f3524ab"
Last-Modified: Wed, 21 Jun 2023 14:14:05 GMT
Server: tencent-cos
x-cos-hash-crc64ecma: 10259695978293861335
x-cos-request-id: NjRkODE0YjlfMjY1MTA2MDlfNmZkNV85MWM1Yg==
titleclosingagents000.site/next.php
69.49.234.229200 OK 16 B URL POST HTTP/1.1 titleclosingagents000.site/next.php
IP 69.49.234.229:443
ASN #46606 UNIFIEDLAYER-AS-1
Requested by https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/morin-law.html
Certificate IssuerLet's Encrypt
Subjectwww.titleclosingagents000.site
FingerprintB5:5F:61:20:27:EF:AF:74:10:D7:E3:CD:A1:25:1C:2C:71:C7:4A:AC
ValiditySat, 22 Jul 2023 14:09:30 GMT - Fri, 20 Oct 2023 14:09:29 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 1f57cbd1f1a1ced8f62d34242408414c
52279c54b16f0a88d43d57b4cbb9813ea3cc39ab
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220
POST /next.php HTTP/1.1
Host: titleclosingagents000.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/
Content-Type: application/x-www-form-urlencoded
Content-Length: 13
Origin: https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 12 Aug 2023 23:24:41 GMT
Server: Apache
Access-Control-Allow-Origin: https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/1.png
43.135.205.15404 Not Found 423 B URL GET HTTP/1.1 winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/1.png
IP 43.135.205.15:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/morin-law.html
Certificate IssuerGlobalSign nv-sa
Subject*.cos.sa-saopaulo.myqcloud.com
Fingerprint14:BA:22:2E:FB:E3:4A:4C:F2:C0:4D:65:3A:9D:C1:57:CD:5F:93:8D
ValidityFri, 03 Mar 2023 09:01:11 GMT - Wed, 03 Apr 2024 09:01:10 GMT
File type XML 1.0 document text\012- XML document, ASCII text
Hash 1681ae1d9672616e68a6414dd706bd1d
57c96c22c4a2d50d0e9ed635042fc465fcc21804
e45423778cc611668d67b1c778163b96318fae4e7e28ed1e43717ee60cb6026b
GET /1.png HTTP/1.1
Host: winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/morin-law.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Type: application/xml
Content-Length: 423
Connection: keep-alive
Date: Sat, 12 Aug 2023 23:24:44 GMT
Server: tencent-cos
x-cos-request-id: NjRkODE0YmNfNjQ0YzU5MGJfZDNhY180NmZjMTQ=
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
104.18.11.207200 OK 49 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP 104.18.11.207:443
Requested by https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/morin-law.html
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (48664)
Hash 14d449eb8876fa55e1ef3c2cc52b0c17
a9545831803b1359cfeed47e3b4d6bae68e40e99
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com
DNT: 1
Connection: keep-alive
Referer: https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 12 Aug 2023 23:24:40 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 11/25/2022 23:23:38
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 865
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: a9ad692508dc94d4694e94e4233635aa
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7f5c791fbd0eb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Archivo+Narrow&display=swap
142.250.74.74200 OK 1.3 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Archivo+Narrow&display=swap
IP 142.250.74.74:443
Requested by https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/morin-law.html
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintC1:FC:47:2F:E4:8D:DA:F2:E6:C0:AB:89:40:FB:3F:E4:E0:C5:04:42
ValidityMon, 17 Jul 2023 08:21:35 GMT - Mon, 09 Oct 2023 08:21:34 GMT
File type ASCII text, with very long lines (1320), with no line terminators
Hash 1438d721a96f081ae0cbca8b142cfed0
54d195d18a5691d999d88592aaf84b865030dd69
e7578d54c23bf5f7069220f26cf655caa20935e42a873299e28f3d51d08f8d9b
GET /css?family=Archivo+Narrow&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 12 Aug 2023 23:24:40 GMT
date: Sat, 12 Aug 2023 23:24:40 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:600
142.250.74.74200 OK 2.9 kB URL GET HTTP/3 fonts.googleapis.com/css?family=Open+Sans:600
IP 142.250.74.74:443
Requested by https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/morin-law.html
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintC1:FC:47:2F:E4:8D:DA:F2:E6:C0:AB:89:40:FB:3F:E4:E0:C5:04:42
ValidityMon, 17 Jul 2023 08:21:35 GMT - Mon, 09 Oct 2023 08:21:34 GMT
File type ASCII text, with very long lines (2967), with no line terminators
Hash 2e9f3cf7ce3486bc73028e550fd239a0
36316c593d6aa94e5d03de5399e58bf93be05b5d
5e0e3b20506a39a773514d5604d19a9930a54651e94a8a53c51c8c54b200f0d4
GET /css?family=Open+Sans:600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 12 Aug 2023 23:24:43 GMT
date: Sat, 12 Aug 2023 23:24:43 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
104.18.11.207200 OK 145 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
IP 104.18.11.207:443
Requested by https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/morin-law.html
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (65325)
Size 145 kB (144877 bytes)
Hash 450fc463b8b1a349df717056fbb3e078
895125a4522a3b10ee7ada06ee6503587cbf95c5
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com
DNT: 1
Connection: keep-alive
Referer: https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 12 Aug 2023 23:24:43 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"450fc463b8b1a349df717056fbb3e078"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 06/15/2023 15:41:03
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: a5013f20accc4e08a9821b99f4022c4b
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7f5c79360d8db4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:600
142.250.74.74200 OK 2.9 kB URL GET HTTP/3 fonts.googleapis.com/css?family=Open+Sans:600
IP 142.250.74.74:443
Requested by https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/morin-law.html
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintC1:FC:47:2F:E4:8D:DA:F2:E6:C0:AB:89:40:FB:3F:E4:E0:C5:04:42
ValidityMon, 17 Jul 2023 08:21:35 GMT - Mon, 09 Oct 2023 08:21:34 GMT
File type ASCII text, with very long lines (2967), with no line terminators
Hash 2e9f3cf7ce3486bc73028e550fd239a0
36316c593d6aa94e5d03de5399e58bf93be05b5d
5e0e3b20506a39a773514d5604d19a9930a54651e94a8a53c51c8c54b200f0d4
GET /css?family=Open+Sans:600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 12 Aug 2023 23:24:44 GMT
date: Sat, 12 Aug 2023 23:24:44 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
use.fontawesome.com/releases/v5.8.1/css/all.css
172.64.103.11200 OK 55 kB URL GET HTTP/2 use.fontawesome.com/releases/v5.8.1/css/all.css
IP 172.64.103.11:443
Requested by https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/morin-law.html
Certificate IssuerGoogle Trust Services LLC
Subjectuse.fontawesome.com
Fingerprint44:A2:80:0B:1D:01:55:DA:4F:BB:6B:A2:11:12:B1:BB:BD:07:AF:E9
ValidityTue, 04 Jul 2023 05:06:19 GMT - Mon, 02 Oct 2023 05:06:18 GMT
File type ASCII text, with very long lines (54926)
Hash e4c542a7f6bf6f74fdd8cdf6e8096396
3a0571a695a35f238026b9398386dc99d9a0c56d
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
GET /releases/v5.8.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com
DNT: 1
Connection: keep-alive
Referer: https://winwinthlaw-1318439371.cos.sa-saopaulo.myqcloud.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 12 Aug 2023 23:24:40 GMT
content-type: text/css
x-amz-id-2: 3/ox3wPNnSOdDprym1joyZAJQ+6QUBhaOG0blmwrZC5t+S08see+bpPAkWuQFRBw+KflmvOew70=
x-amz-request-id: TRH92MD5ZHRY1TZG
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:46:39 GMT
etag: W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
cache-control: max-age=31556926
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upx0uM0NUkzShnxWziRcbj%2Bkx5gTFr3HtcL9ZdAMiZkzLKLatc9KrG26EVRR06bJOluMAgFk%2BeOovjplPzhy1yo2Iuh%2BiB9S34t71s4mXd97MJsNofNlMmluxxVOb8Bs7tX6JrJr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f5c791ffc8871b1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2