Report - lepplawfirm.com/

Report Overview

Submitted URL
lepplawfirm.com/
IP
198.187.31.167
ASN
#22612 NAMECHEAP-NET
Submitted
2022-12-09 04:00:37
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
246

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.8 kB	142.250.74.131
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	82 kB	216.58.207.227
themebeer.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	1.5 kB	45.79.75.12
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	797 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.223.160.237
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	482 B	746 B	142.250.74.106
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	963 B	172.64.155.188
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
lepplawfirm.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	792 B	1.2 kB	198.187.31.167
www.lepplawfirm.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	20 kB	1.1 MB	198.187.31.167
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	67 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-09	medium	lepplawfirm.com/	Malware
2022-12-09	medium	lepplawfirm.com/	Malware
2022-12-09	medium	www.lepplawfirm.com/	Malware
2022-12-09	medium	www.lepplawfirm.com/wp-content/plugins/theme-core/css/front/style.css?ver=6.0.3	Malware
2022-12-09	medium	www.lepplawfirm.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.3	Malware
2022-12-09	medium	www.lepplawfirm.com/wp-content/themes/fexa/assets/css/vendor.css?ver=6.0.3	Malware
2022-12-09	medium	www.lepplawfirm.com/wp-content/themes/fexa/style.css?ver=6.0.3	Malware
2022-12-09	medium	www.lepplawfirm.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	Malware
2022-12-09	medium	www.lepplawfirm.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.0.5	Malware
2022-12-09	medium	www.lepplawfirm.com/wp-content/plugins/theme-core/js/admin/el-scripts.js?ver=20151215	Malware
2022-12-09	medium	www.lepplawfirm.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4	Malware
2022-12-09	medium	www.lepplawfirm.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Malware
2022-12-09	medium	www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution-active.js?ver=20151215	Malware
2022-12-09	medium	www.lepplawfirm.com/wp-content/plugins/theme-core/js/main.js?ver=20151215	Malware
2022-12-09	medium	www.lepplawfirm.com/wp-content/themes/fexa/assets/js/modernizr-2.8.3.min.js?ver=1.0.0	Malware
2022-12-09	medium	www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution/jquery.themepunch.revolution.min.js?ver=20151215	Malware
2022-12-09	medium	www.lepplawfirm.com/wp-content/themes/fexa/assets/js/wow.min.js?ver=1.0.0	Malware
2022-12-09	medium	www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution/extensions/revolution.extension.layeranimation.min.js?ver=20151215	Malware
2022-12-09	medium	www.lepplawfirm.com/wp-content/themes/fexa/assets/js/bootstrap.min.js?ver=1.0.0	Malware
2022-12-09	medium	www.lepplawfirm.com/wp-content/themes/fexa/assets/js/owl.carousel.min.js?ver=1.0.0	Malware
2022-12-09	medium	www.lepplawfirm.com/wp-content/themes/fexa/assets/js/mixitup.min.js?ver=1.0.0	Malware
2022-12-09	medium	www.lepplawfirm.com/wp-content/themes/fexa/assets/js/skip-link-focus-fix.js?ver=1.0.0	Malware
2022-12-09	medium	www.lepplawfirm.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3	Malware
2022-12-09	medium	www.lepplawfirm.com/wp-content/themes/fexa/assets/js/jquery.waypoints.min.js?ver=1.0.0	Malware
2022-12-09	medium	www.lepplawfirm.com/wp-content/themes/fexa/assets/js/jquery.counterup.min.js?ver=1.0.0	Malware
2022-12-09	medium	www.lepplawfirm.com/wp-content/themes/fexa/assets/js/navigation.js?ver=1.0.0	Malware
2022-12-09	medium	www.lepplawfirm.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.0.5	Malware
2022-12-09	medium	www.lepplawfirm.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.3	Malware
2022-12-09	medium	www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution/jquery.themepunch.tools.min.js?ver=20151215	Malware
2022-12-09	medium	www.lepplawfirm.com/wp-content/themes/fexa/assets/fonts/icomoon.ttf?ume250	Malware
2022-12-09	medium	www.lepplawfirm.com/wp-content/themes/fexa/assets/fonts/fontawesome-webfont.woff2?v=4.7.0	Malware

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed
2022-12-09	medium	lepplawfirm.com	Sinkholed

JavaScript (31)

	URL	Size	First Seen	Last Seen
	www.lepplawfirm.com/wp-content/themes/fexa/assets/js/wow.min.js?ver=1.0.0	8.4 kB	2023-03-07	2024-04-26
Pretty URL www.lepplawfirm.com/wp-content/themes/fexa/assets/js/wow.min.js?ver=1.0.0 IP 198.187.31.167 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-26 15:52:49 Times Seen3936 Hash 36050285bfeeb7395752f0f9bbc08273 5924f7bbbf1dfa3f0926851d01f782f23a59e805 0ec632e6ab02d4fdd514da7f5edc74aa28c9d4c71af76f1c8b93a1fba85bcc69 Loading...

	www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution-active.js?ver=20151215	2.6 kB	2023-03-08	2023-11-01
Pretty URL www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution-active.js?ver=20151215 IP 198.187.31.167 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:21:45 Last Seen2023-11-01 22:12:58 Times Seen13 Hash de4874eefe1e0b00c53f3fb6bde1c960 5fd1e8a8abf373650c8c394a782f5ba83f616ad0 29ebf30b55ef7c079f7ae3b05a09ebeacf9603a5c834cd0504a384ea9b190ac3 Loading...

	www.lepplawfirm.com/wp-content/themes/fexa/assets/js/navigation.js?ver=1.0.0	3.1 kB	2023-03-07	2024-04-26
Pretty URL www.lepplawfirm.com/wp-content/themes/fexa/assets/js/navigation.js?ver=1.0.0 IP 198.187.31.167 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29:54 Last Seen2024-04-26 17:53:42 Times Seen297 Hash 05c59609caf3eee24b0d68f988dadd3c c7fa827c00a3d9b61242d9bfb25f42b36e993650 960deecec99fa9f409481875149b5fc45c818119aea5bad16b1212b9e1bb8b71 Loading...

	www.lepplawfirm.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4	9.9 kB	2023-03-08	2024-04-24
Pretty URL www.lepplawfirm.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 IP 198.187.31.167 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:19 Last Seen2024-04-24 20:13:16 Times Seen3136 Hash dc74c9954b1944928eca0172c3b8c6b3 e9e00e587e0e28491b69563b4e768945ff2e0ed5 d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b Loading...

	www.lepplawfirm.com/wp-content/themes/fexa/assets/js/modernizr-2.8.3.min.js?ver=1.0.0	16 kB	2023-03-07	2024-04-25
Pretty URL www.lepplawfirm.com/wp-content/themes/fexa/assets/js/modernizr-2.8.3.min.js?ver=1.0.0 IP 198.187.31.167 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:33 Last Seen2024-04-25 01:09:57 Times Seen1531 Hash da941a6e1e1df098744318f6d25ba13a 15f441d0df5a01efc674d62b88c0c95bf233656a 2b0f8526e7a1b0f1fb42e8acec3c1e7737a1a3065b773ebd13a492952f557967 Loading...

	www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution/extensions/revolution.extension.slideanims.min.js?ver=20151215	28 kB	2023-03-07	2023-12-04
Pretty URL www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution/extensions/revolution.extension.slideanims.min.js?ver=20151215 IP 198.187.31.167 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:41 Last Seen2023-12-04 17:39:11 Times Seen60 Hash 3485d6c68646688220683ed7917e33a8 1517838abe4f9fab056d22fb4b671a1750420fe8 f6421655cd10673e9a1dcc39dba9a2ca4d0657612834e45d7d9db32a698ad22f Loading...

	www.lepplawfirm.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.3	111 kB	2023-03-07	2024-04-26
Pretty URL www.lepplawfirm.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.3 IP 198.187.31.167 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:47 Last Seen2024-04-26 17:32:09 Times Seen4643 Hash 67a9644e880e7a471d49c73bb7621932 2ac89b145da02402ce1877c580850e08076c5109 a1dff8b0c66227748951c4ff891f146f49c5a382ac8e3d6e3c2e9cf8aa560dc8 Loading...

	www.lepplawfirm.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-04-27
Pretty URL www.lepplawfirm.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 198.187.31.167 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-27 02:39:29 Times Seen31858 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution/extensions/revolution.extension.navigation.min.js?ver=20151215	26 kB	2023-03-07	2023-11-11
Pretty URL www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution/extensions/revolution.extension.navigation.min.js?ver=20151215 IP 198.187.31.167 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:41 Last Seen2023-11-11 04:15:34 Times Seen49 Hash 08baf61da9ca8708334d6b9c7c534026 fec458531ef569e25d3b95ae4136fec73be4fc0c 1acfbf386c38378ca4385b4047f30049eaebdb2d02ed5847b0c6ca1ebd06d233 Loading...

	www.lepplawfirm.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3	19 kB	2023-03-07	2024-04-26
Pretty URL www.lepplawfirm.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 IP 198.187.31.167 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-26 23:19:42 Times Seen38071 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	www.lepplawfirm.com/wp-content/plugins/theme-core/js/admin/el-scripts.js?ver=20151215	4.7 kB	2023-03-08	2023-11-01
Pretty URL www.lepplawfirm.com/wp-content/plugins/theme-core/js/admin/el-scripts.js?ver=20151215 IP 198.187.31.167 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:21:45 Last Seen2023-11-01 22:12:58 Times Seen13 Hash 9c14292d9dcc3d8a36f59480072e8ce8 c61022668e172b641d3204143be987e9d5e0d674 2426fa5bc952688313ba30a820cd4c2bea4b00e690d6979da6a8b47f0a1f394c Loading...

	www.lepplawfirm.com/	1.1 kB	2023-03-07	2024-04-26
Pretty URL www.lepplawfirm.com/ IP 198.187.31.167 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-04-26 17:32:08 Times Seen3318 Hash b36955bf11fd2b943745960d036901e5 d9b5403fee4ae8ec7ad7a3cc6ed747bb62aacf6e 5f82f0ebcd0edef1c37dcba00935d90b65c18d2b0834fce752efe5960e532de3 Loading...

	www.lepplawfirm.com/	146 B	2023-03-08	2023-03-08
Pretty URL www.lepplawfirm.com/ IP 198.187.31.167 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:21:45 Last Seen2023-03-08 23:21:45 Times Seen1 Hash 465629c59b8eb791d1ba70a883194cad 26300f77d9aaf0a27a35e1775e235426d8bca9ab 98a2d32d14a3235ae6d7ebb8ade8ff5ad3b7b2657d3d5ddc62e1cfab248fd643 Loading...

	www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution/jquery.themepunch.revolution.min.js?ver=20151215	60 kB	2023-03-07	2024-02-07
Pretty URL www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution/jquery.themepunch.revolution.min.js?ver=20151215 IP 198.187.31.167 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:41 Last Seen2024-02-07 02:58:21 Times Seen89 Hash fb6b6e36b090bff086787c90e0c75990 7d91080bb9d159ee45aa45aee2ecbda60a8bc1e5 30f3c0b95fb7ced19181ae8f8490898949799178a2484e7877a081a0d9cc5333 Loading...

	www.lepplawfirm.com/wp-content/themes/fexa/assets/js/custom.js?ver=1.0.0	8.7 kB	2023-03-08	2023-11-01
Pretty URL www.lepplawfirm.com/wp-content/themes/fexa/assets/js/custom.js?ver=1.0.0 IP 198.187.31.167 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:21:45 Last Seen2023-11-01 22:12:58 Times Seen14 Hash 348c83eb1440d35b5098d4b814dc49e6 ef0c568815469677e9c4e515cae3e8e2a5678ec4 40d7ecc1c55fe0454edce19929f9b9cbe8cec11ad29c9afd76f73f53c50dd4ad Loading...

	www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution/jquery.themepunch.tools.min.js?ver=20151215	107 kB	2023-03-07	2024-04-26
Pretty URL www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution/jquery.themepunch.tools.min.js?ver=20151215 IP 198.187.31.167 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:03 Last Seen2024-04-26 17:41:13 Times Seen564 Hash 1158097b9314f162e65b1025acd0bd64 a2073c06936eecd650766de92557ff097a3de75b 8fc173f0fbed3772b148991357c3359b9e1a1e67e807d1edfa9ef8ed0050f701 Loading...

	www.lepplawfirm.com/wp-content/themes/fexa/assets/js/owl.carousel.min.js?ver=1.0.0	43 kB	2023-03-07	2024-04-26
Pretty URL www.lepplawfirm.com/wp-content/themes/fexa/assets/js/owl.carousel.min.js?ver=1.0.0 IP 198.187.31.167 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-26 15:52:49 Times Seen8133 Hash b7b9c97cd68ec336d01a79d5be48c58d 1a99890b57c9859a622337ed0b2f989d6e30cc0e b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43 Loading...

	www.lepplawfirm.com/	271 B	2023-03-08	2023-03-08
Pretty URL www.lepplawfirm.com/ IP 198.187.31.167 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:21:45 Last Seen2023-03-08 23:21:45 Times Seen1 Hash c3bb7852ed0d106ec25a9b9c39ebfd80 d3cc015653b670bc9dafb66f45f5697d7e01f0cb 1f34beaabbbfa999d2dcb0ffe4f7198f73514e91b2f36ebe8ceb85484f18e231 Loading...

	www.lepplawfirm.com/wp-content/plugins/theme-core/js/main.js?ver=20151215	1.2 kB	2023-03-08	2023-11-01
Pretty URL www.lepplawfirm.com/wp-content/plugins/theme-core/js/main.js?ver=20151215 IP 198.187.31.167 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:21:45 Last Seen2023-11-01 22:12:58 Times Seen13 Hash 0f3a0bba3f35c9ac7df87f7c5b183fe7 ef227314d0f9310f4702a9e032bb0af09841f50e 8739635bc508594559d4020edef80c382b5062684fd2f6055fdd488dedb7dfa0 Loading...

	www.lepplawfirm.com/	2.2 kB	2023-03-08	2023-03-08
Pretty URL www.lepplawfirm.com/ IP 198.187.31.167 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:21:45 Last Seen2023-03-08 23:21:45 Times Seen1 Hash 47e2a01590050b9d7b4d79418534f08b f4594140d3ea9526ac9a7e3c2abb9ef363bc1669 4a809dfbf002bbe87bd88c47d0d1eecd90b96c6f7e59ff8a57e120a25c2385c9 Loading...

	www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution/extensions/revolution.extension.layeranimation.min.js?ver=20151215	45 kB	2023-03-07	2023-12-04
Pretty URL www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution/extensions/revolution.extension.layeranimation.min.js?ver=20151215 IP 198.187.31.167 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:41 Last Seen2023-12-04 17:39:11 Times Seen55 Hash b2fcebf265791bfa5814ee0d934bd7b1 5000703eb2da9b64f24da9d1b654e1307b5cdc75 aa615ce45326d5cb01ce7d27b3d36f05c2389917cd1c8a5bc8f633aff79c127b Loading...

	www.lepplawfirm.com/wp-content/themes/fexa/assets/js/bootstrap.min.js?ver=1.0.0	49 kB	2023-03-07	2024-04-27
Pretty URL www.lepplawfirm.com/wp-content/themes/fexa/assets/js/bootstrap.min.js?ver=1.0.0 IP 198.187.31.167 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-27 07:15:27 Times Seen137305 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	www.lepplawfirm.com/wp-content/themes/fexa/assets/js/skip-link-focus-fix.js?ver=1.0.0	683 B	2023-03-07	2024-04-27
Pretty URL www.lepplawfirm.com/wp-content/themes/fexa/assets/js/skip-link-focus-fix.js?ver=1.0.0 IP 198.187.31.167 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:28 Last Seen2024-04-27 02:00:34 Times Seen3293 Hash 75abd4cd8807b312f9f7faeb77ee774b e7b7a7ed06d0123ab8667a1d1eeb23de9f2bece7 ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034 Loading...

	www.lepplawfirm.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-27
Pretty URL www.lepplawfirm.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 198.187.31.167 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-27 02:39:29 Times Seen68686 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	www.lepplawfirm.com/wp-content/themes/fexa/assets/js/mixitup.min.js?ver=1.0.0	29 kB	2023-03-08	2023-11-01
Pretty URL www.lepplawfirm.com/wp-content/themes/fexa/assets/js/mixitup.min.js?ver=1.0.0 IP 198.187.31.167 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:21:45 Last Seen2023-11-01 22:12:58 Times Seen18 Hash 86ee5008b1a9ca91be223fe9c41a0d43 df119d0730799ea1721a970757a0910a81338438 75d4bfa1a31974ca4839207bce28d9e43c74156a65e464837b1192db15da31c9 Loading...

	www.lepplawfirm.com/wp-content/themes/fexa/assets/js/jquery.waypoints.min.js?ver=1.0.0	8.0 kB	2023-03-07	2024-04-26
Pretty URL www.lepplawfirm.com/wp-content/themes/fexa/assets/js/jquery.waypoints.min.js?ver=1.0.0 IP 198.187.31.167 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:26 Last Seen2024-04-26 15:52:49 Times Seen6791 Hash dfe0eedf8da578f4a4c43b05448c51d9 812d7071b4e44b1aa5d5ea6c7ce0b79eb9d46520 a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833 Loading...

	www.lepplawfirm.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.3	65 kB	2023-03-07	2024-04-26
Pretty URL www.lepplawfirm.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.3 IP 198.187.31.167 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-04-26 17:32:09 Times Seen3734 Hash e1223af8dbcd0552f6f6dc540431451e c01d6134f72ae04cb327a86918f3e88a63684e90 27ead7f47a3fb4d1e7cbef0c68e28bde7ea18923cf41d8ca82ba13584eebc710 Loading...

	www.lepplawfirm.com/wp-content/themes/fexa/assets/js/jquery.counterup.min.js?ver=1.0.0	1.1 kB	2023-03-07	2024-04-26
Pretty URL www.lepplawfirm.com/wp-content/themes/fexa/assets/js/jquery.counterup.min.js?ver=1.0.0 IP 198.187.31.167 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-26 15:52:49 Times Seen14726 Hash ef36cca760bf1cd76cfcd0e4dc10cef1 ef38469f60d58850fe55c4de2ec7e289a2415d71 26d40f8ffdf1b9bf286a954c6888a33cda0cd031e802d821fe0c0562e379ae29 Loading...

	www.lepplawfirm.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4	12 kB	2023-03-08	2024-04-24
Pretty URL www.lepplawfirm.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 IP 198.187.31.167 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:19 Last Seen2024-04-24 20:13:16 Times Seen3481 Hash 1f9968a7c7a2a02491393fb9d4103dae 0032c8a6a692e6f072b2cef20828449402fdd57d f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49 Loading...

	www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution/extensions/revolution.extension.actions.min.js?ver=20151215	8.1 kB	2023-03-07	2023-11-01
Pretty URL www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution/extensions/revolution.extension.actions.min.js?ver=20151215 IP 198.187.31.167 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:41 Last Seen2023-11-01 22:12:58 Times Seen35 Hash 72e72eec197fd9fefac6351aaa34e211 2c1923e7b524c2485de4681c7d8424226f316acd 4ad0fdf276675f0aaa335d225ba01a983dde3c6346b3c85d17034866c2b723dd Loading...

	www.lepplawfirm.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.0.5	21 kB	2023-03-07	2024-04-26
Pretty URL www.lepplawfirm.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.0.5 IP 198.187.31.167 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-04-26 10:42:39 Times Seen2020 Hash 5a627237805ba8fde358e571c3333197 b7365a7674259f505dc10e24e1b06c7e64555ed1 43cdf46f331fec5ba92e402e3d5cad473099892cbdafca02e607cd03705104bf Loading...

HTTP Transactions (78)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7268
Expires: Fri, 09 Dec 2022 06:01:33 GMT
Date: Fri, 09 Dec 2022 04:00:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4914
Expires: Fri, 09 Dec 2022 05:22:19 GMT
Date: Fri, 09 Dec 2022 04:00:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4479
Expires: Fri, 09 Dec 2022 05:15:04 GMT
Date: Fri, 09 Dec 2022 04:00:25 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 03:08:17 GMT
content-type: application/json
age: 3128
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: bo+ZCOLnYTqR+nXA99EvwsujI9k2NJ3TWPc+VTV6pUMsh46WNYnU3tEJ+XIFqrFV9ZuLvQ1XjAA=
x-amz-request-id: F9PA67H3V4XKGRFS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 03:50:06 GMT
age: 619
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

lepplawfirm.com/

198.187.31.167

301 Moved Permanently

707 B

URL HTTP/1.1
lepplawfirm.com/
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Fri, 09 Dec 2022 04:00:25 GMT
server: LiteSpeed
location: https://lepplawfirm.com/
x-turbo-charged-by: LiteSpeed

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:00:25 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 03:07:59 GMT
age: 3147
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
d5dbbb504cd7bfe86e759b3cf8e05694
40f6f9b0379cb778b626a05c244d34732fe6c6aa
aa0510ba9c5c34323f214d195f454b7adc52ff77d6b9008cc98b461de5eb50e0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:00:26 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 17:58:32 GMT
Expires: Wed, 14 Dec 2022 17:58:31 GMT
Etag: "40f6f9b0379cb778b626a05c244d34732fe6c6aa"
Cache-Control: max-age=481684,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776ad5745b7db51d-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4084
Cache-Control: max-age=108870
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:00:26 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:14:56 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

lepplawfirm.com/

198.187.31.167

301 Moved Permanently

0 B

URL HTTP/2
lepplawfirm.com/
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://www.lepplawfirm.com/
x-litespeed-cache: hit
content-length: 0
date: Fri, 09 Dec 2022 04:00:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.223.160.237

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.223.160.237:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hPClNWBT5bsCofFMS90Vfg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: e0ejBjY7fXVLd4pfXD2Xk/AJ4Ac=

www.lepplawfirm.com/

198.187.31.167

200 OK

19 kB

URL HTTP/2
www.lepplawfirm.com/
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8047)
Size
19 kB (19199 bytes)
Hash
15f8ba30318e43031924826d3e6b0f8b
dbec9fac815920947f1d0d1586821f7c8c877ab7
659e4ce4b02512855d03b08058ec889eff8a0cbe83414d26b627aba78b9b5818

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
link: <https://www.lepplawfirm.com/wp-json/>; rel="https://api.w.org/", <https://www.lepplawfirm.com/wp-json/wp/v2/pages/1780>; rel="alternate"; type="application/json", <https://www.lepplawfirm.com/>; rel=shortlink
etag: "364-1670444948;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 19199
date: Fri, 09 Dec 2022 04:00:26 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:00:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:00:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.lepplawfirm.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3

198.187.31.167

200 OK

11 kB

URL HTTP/2
www.lepplawfirm.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (43771)
Size
11 kB (10946 bytes)
Hash
d45207ee05c1f0c57dfa075e61405ccd
a8d35143a2d828a739ea0fdde75f97d33621e7ec
a9a4adbbcee31ec277f1bdd573eef97dc4341f29f2db3b5685a02dfe4d2fe9bb

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: text/css
last-modified: Mon, 04 Jul 2022 21:40:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10946
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4

198.187.31.167

200 OK

848 B

URL HTTP/2
www.lepplawfirm.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
848 B (848 bytes)
Hash
c962ba8e7d42ff9da18392b41dad5151
7b89bc5e6ad161df2e6d7f7fb3ad894aa04b827f
322a4949c5bdd82eb80c13bbbd407ce30a7ad226685c54270d246cb6960e524e

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: text/css
last-modified: Mon, 11 Oct 2021 13:40:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 848
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/plugins/theme-core/css/front/style.css?ver=6.0.3

198.187.31.167

200 OK

707 B

URL HTTP/2
www.lepplawfirm.com/wp-content/plugins/theme-core/css/front/style.css?ver=6.0.3
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
707 B (707 bytes)
Hash
4260926574de63de423160d24c13b567
7c7afb79207e4f3b3679d46dadf301a71f980064
2327802c26d1a72cff40be743c89ddd463a52c62f1bfffe64ccc84eb7f3c8513

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/theme-core/css/front/style.css?ver=6.0.3 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: text/css
last-modified: Wed, 01 Jul 2020 17:02:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 707
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.3

198.187.31.167

200 OK

9.2 kB

URL HTTP/2
www.lepplawfirm.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.3
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (5178), with CRLF line terminators
Size
9.2 kB (9202 bytes)
Hash
91084012b4eafcd38f6cfc2875e82a53
64ba4bbdceb066ad26eb84f4db5ca9a10eed36f0
8b5d57fe4bfa9f73ac4f1c84d4ecf6b4770330898a12934799a4ccfcf9fea998

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.3 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: text/css
last-modified: Wed, 01 Jul 2020 17:02:29 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9202
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/themes/fexa/assets/css/main.css?ver=6.0.3

198.187.31.167

200 OK

8.6 kB

URL HTTP/2
www.lepplawfirm.com/wp-content/themes/fexa/assets/css/main.css?ver=6.0.3
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
assembler source, ASCII text
Size
8.6 kB (8554 bytes)
Hash
bd92f323e8ce23aa97fe4045a80f084d
c33bfc26105538726060e2665c86ccdda33298ea
a36450331c46e23403bccba85e6a049bac5a3b66a83d74f9e4abce91a6357247

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/fexa/assets/css/main.css?ver=6.0.3 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: text/css
last-modified: Wed, 01 Jul 2020 16:58:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8554
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/themes/fexa/assets/css/vendor.css?ver=6.0.3

198.187.31.167

200 OK

42 kB

URL HTTP/2
www.lepplawfirm.com/wp-content/themes/fexa/assets/css/vendor.css?ver=6.0.3
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
troff or preprocessor input, ASCII text, with very long lines (372)
Size
42 kB (41822 bytes)
Hash
c6c6c96d1147f6b82d70c79fa99fd585
3f9a11afb9c832b7e0cf1fe4bac3a7912c474763
accd11a8dfa62ff84d64b7691fe366b9fffdf67efb72a9414f090e0694acbece

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/fexa/assets/css/vendor.css?ver=6.0.3 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: text/css
last-modified: Wed, 01 Jul 2020 16:58:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 41822
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/themes/fexa/assets/css/unit.css?ver=6.0.3

198.187.31.167

200 OK

2.0 kB

URL HTTP/2
www.lepplawfirm.com/wp-content/themes/fexa/assets/css/unit.css?ver=6.0.3
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
2.0 kB (2023 bytes)
Hash
9cbc72767fe13a67cd93b82cb99242c6
c6c7013220dd24df027b59c7a894f464e5daadb2
d2878c26296ed07b8318a517ecafe7e50cbd64322067f6aadf6f6fd4828025d1

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/fexa/assets/css/unit.css?ver=6.0.3 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: text/css
last-modified: Wed, 01 Jul 2020 16:58:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2023
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/themes/fexa/style.css?ver=6.0.3

198.187.31.167

200 OK

2.3 kB

URL HTTP/2
www.lepplawfirm.com/wp-content/themes/fexa/style.css?ver=6.0.3
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
2.3 kB (2332 bytes)
Hash
336f98631f95fede34b0501f91ebc89a
25d4c51f0e06c9f97745e1b4bfc846cbdc372a9d
38ff3ebb8391b99e8d9ed569ab4d686f5050c6e4dc3449798a73e7bb38b3a31b

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/fexa/style.css?ver=6.0.3 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: text/css
last-modified: Wed, 01 Jul 2020 16:58:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2332
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

198.187.31.167

200 OK

30 kB

URL HTTP/2
www.lepplawfirm.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65447)
Size
30 kB (30273 bytes)
Hash
34f918ada1fe4f01c5a4b90065bbc37a
a731f6ce2d413805e39ae45994012b1bd5ea1e2b
eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: application/javascript
last-modified: Thu, 11 Mar 2021 01:37:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30273
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.0.5

198.187.31.167

200 OK

42 kB

URL HTTP/2
www.lepplawfirm.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.0.5
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65358)
Size
42 kB (41954 bytes)
Hash
20075f07f46db048312caa6cb2503105
70643151fab045ef063454e3b4d11f8c8a7aaaf4
42a0a96fb5a0ee4a67cbf8d1e9ed136cae1cd8a5577f3210ecd3ad289fafbcba

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.0.5 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: text/css
last-modified: Wed, 01 Jul 2020 17:02:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 41954
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3021
Expires: Fri, 09 Dec 2022 04:50:49 GMT
Date: Fri, 09 Dec 2022 04:00:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3021
Expires: Fri, 09 Dec 2022 04:50:49 GMT
Date: Fri, 09 Dec 2022 04:00:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3021
Expires: Fri, 09 Dec 2022 04:50:49 GMT
Date: Fri, 09 Dec 2022 04:00:28 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3021
Expires: Fri, 09 Dec 2022 04:50:49 GMT
Date: Fri, 09 Dec 2022 04:00:28 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7897 bytes)
Hash
8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oV7bB5Tek01MFi9x2tr_Wix13-UGlQPIt042XM0ALNUvVFYnu5DRcg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:38:26 GMT
age: 1322
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12748 bytes)
Hash
730ba1a8edb79ba6f83b46d1ba5aed7b
55a236fedf6f5f7ca2bb88ae13e20846a50fd36d
f8043e76265c59073d111987fd4c08d05a3ac80989af9269cca9ebcc21af4013

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12748
x-amzn-requestid: edd028e3-c23e-4985-b12d-d3ebe760df47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjuciEptIAMFj9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af783-1c151eb66f590c9c0e0c4c82;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:15:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -y4-_OwHl5_OFykJYYZSqwIopjKoYy1MhaGTpVXd4Grq2EsUP2c3IA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 18:34:32 GMT
age: 33956
etag: "55a236fedf6f5f7ca2bb88ae13e20846a50fd36d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7557 bytes)
Hash
5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 07:15:07 GMT
age: 74721
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8204 bytes)
Hash
9cb76c68a8cd472600106cc118067868
6cee6b1828c709f68b995197ca943a5c393f86fb
009d9ba19043b03b5aceeb80b69bf249f19a0a225bdbfef7ab8691669cb64130

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8204
x-amzn-requestid: cf54b5f8-ede8-49d5-aa56-5d9de98e3ab8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjtKfEiToAMFSXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af576-6ddfe35c0b31074d6a07076f;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:06:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UfqFAlLedF6ZkfbGXhyYDcvu0porNJb6LPaeQ8p4dqWqsFD6iRgWLw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 15:50:07 GMT
age: 43821
etag: "6cee6b1828c709f68b995197ca943a5c393f86fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf3829a8-4b4d-433d-9452-46c3ffc7ea6e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7217 bytes)
Hash
955c6ac69b89f6cbd497df53fcb2ae1b
2506152cdd1056533116feb9350124356e570e54
fca1b303a554aa9cdd13c4769a1088e1905ef888ed703de17864fe76ff880abe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf3829a8-4b4d-433d-9452-46c3ffc7ea6e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7217
x-amzn-requestid: be9196fc-3d43-49db-8522-8781cbf5a247
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUEDEWpIAMFqUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66e6-04b24220213872ba378d3538;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4QlJZW4ZiPNVhOJbcRldanR8veym3l0sIBGa1Ym-4FOTT_utMQeZQg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 10:15:09 GMT
age: 63919
etag: "2506152cdd1056533116feb9350124356e570e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7960 bytes)
Hash
eb00a2a503a690cee3e4dd729b5bc9bd
cfb1e5bcab2148a777889680e6e36b9d7e8917ec
7e4583ae78ab597639f53669ac2d67d1ebd26be3278c2fc3fc95af934178c116

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7960
x-amzn-requestid: beadd240-39d0-407d-a890-6a095657cac3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEd8HC0oAMFUag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb459-44d4f63c62f58684782ef14a;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yL-FrFYh-3PuCZCpCHYg--ebTS7wMmMQ7IE2mgimDVsKWFEtKC2gVQ==
via: 1.1 74aa91fe819001bcedd882694f52b436.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 05:44:09 GMT
age: 80179
etag: "cfb1e5bcab2148a777889680e6e36b9d7e8917ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/plugins/theme-core/js/admin/el-scripts.js?ver=20151215

198.187.31.167

200 OK

1.3 kB

URL HTTP/2
www.lepplawfirm.com/wp-content/plugins/theme-core/js/admin/el-scripts.js?ver=20151215
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1435), with CRLF line terminators
Size
1.3 kB (1274 bytes)
Hash
900e5eb176f648bff63fe42d32767e50
02abbca76a640f06618cc567d53ff73c2578cf3f
27ee544824fd9b564e18b28ca34f3fc269348c5d9976105b8b9eba0f2fdb217e

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/theme-core/js/admin/el-scripts.js?ver=20151215 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: application/javascript
last-modified: Wed, 01 Jul 2020 17:02:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1274
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/themes/fexa/assets/images/logo4.jpg

198.187.31.167

200 OK

9.2 kB

URL HTTP/2
www.lepplawfirm.com/wp-content/themes/fexa/assets/images/logo4.jpg
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 208 x 214, 8-bit/color RGB, non-interlaced\012- data
Size
9.2 kB (9203 bytes)
Hash
b0218dde08fa24d4c91a633d53b4520c
fbfd12c71064a78781dadd43261de4b4d5f4dd9f
6b0afbc22abf54b274dc67f441f31cb1a36aeb8a2e87f12aa132f6c4c30696e8

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/fexa/assets/images/logo4.jpg HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: image/jpeg
last-modified: Wed, 01 Jul 2020 16:58:26 GMT
accept-ranges: bytes
content-length: 9203
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4

198.187.31.167

200 OK

2.8 kB

URL HTTP/2
www.lepplawfirm.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (9937), with no line terminators
Size
2.8 kB (2817 bytes)
Hash
4317b1c024df372435f6482deadddeb3
5c8824a17e40a44ea8fc51568b98bdb1e2e7fab5
3798fb16289ba55459fb6d3b2efa915e3c019c5942759abb7bd19a0ef622b85d

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 13:16:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2817
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

198.187.31.167

200 OK

4.0 kB

URL HTTP/2
www.lepplawfirm.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (11126)
Size
4.0 kB (3995 bytes)
Hash
7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4

198.187.31.167

200 OK

3.7 kB

URL HTTP/2
www.lepplawfirm.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document, ASCII text, with very long lines (12310), with no line terminators
Size
3.7 kB (3706 bytes)
Hash
dc6411bfa6891b75944f0074c945752d
03c1a8b686c287068c61ab90f58d905496d65085
96abeabc9cc7b4c2b7d46579f2827c67ccd02fbaef0343ae052f71accd381b0d

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 13:16:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3706
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution-active.js?ver=20151215

198.187.31.167

200 OK

752 B

URL HTTP/2
www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution-active.js?ver=20151215
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
752 B (752 bytes)
Hash
5a371a0e465fa681f4c53b1ebcb4f8e0
d547a7c6fbdc9032540529629c4baabc3f9f14ad
a7eadb069b72457b368fe8e3833c7429ebb57df96f52fa4738acfbb1ba5d39ff

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/theme-core/js/revolution-active.js?ver=20151215 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: application/javascript
last-modified: Wed, 01 Jul 2020 17:02:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 752
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/plugins/theme-core/js/main.js?ver=20151215

198.187.31.167

200 OK

458 B

URL HTTP/2
www.lepplawfirm.com/wp-content/plugins/theme-core/js/main.js?ver=20151215
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
458 B (458 bytes)
Hash
3bab17e112299d061dcaf1c6d9c67112
c6ee39cde849433eb61c74740922fff689de075d
4134387a16250a63d466f1b9e27f5311c12497dce8e61c5ba10b6ff99d258e36

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/theme-core/js/main.js?ver=20151215 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: application/javascript
last-modified: Wed, 01 Jul 2020 17:02:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 458
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution/extensions/revolution.extension.navigation.min.js?ver=20151215

198.187.31.167

200 OK

6.7 kB

URL HTTP/2
www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution/extensions/revolution.extension.navigation.min.js?ver=20151215
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (25682)
Size
6.7 kB (6678 bytes)
Hash
b0930b5f9e9a8dcb73dbf145572c700f
0831b18218cd738e27ac00a181f8352a7b67729c
4479e2af4ebbf1edd8282e8cac3044406359d07c13fc69304e0a38a5ba753c54

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/theme-core/js/revolution/extensions/revolution.extension.navigation.min.js?ver=20151215 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: application/javascript
last-modified: Wed, 01 Jul 2020 17:02:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6678
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/themes/fexa/assets/js/modernizr-2.8.3.min.js?ver=1.0.0

198.187.31.167

200 OK

6.0 kB

URL HTTP/2
www.lepplawfirm.com/wp-content/themes/fexa/assets/js/modernizr-2.8.3.min.js?ver=1.0.0
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document, ASCII text, with very long lines (14856)
Size
6.0 kB (6009 bytes)
Hash
d28a3a6cc89f8d1af1c4f354ee0013cb
457bc78a4d6fb63dfd01b69ff45c8b7afe41f356
1e6321e05015600b85c1b3c56a62e073fd2c1a56a24b8a2bdc28d7ce80df7f24

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/fexa/assets/js/modernizr-2.8.3.min.js?ver=1.0.0 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: application/javascript
last-modified: Wed, 01 Jul 2020 16:58:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6009
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution/jquery.themepunch.revolution.min.js?ver=20151215

198.187.31.167

200 OK

16 kB

URL HTTP/2
www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution/jquery.themepunch.revolution.min.js?ver=20151215
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (32001)
Size
16 kB (15974 bytes)
Hash
b009e367d3f48377ee1faa64e7b935fb
d0cdab923a2610a0c1fbc3768ac9c4ea9266a81d
4c7539249997db67bc31512e9cdc026d6a1f6dd956a5e82ffec7fc793d32562d

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/theme-core/js/revolution/jquery.themepunch.revolution.min.js?ver=20151215 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: application/javascript
last-modified: Wed, 01 Jul 2020 17:02:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15974
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution/extensions/revolution.extension.slideanims.min.js?ver=20151215

198.187.31.167

200 OK

6.4 kB

URL HTTP/2
www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution/extensions/revolution.extension.slideanims.min.js?ver=20151215
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (28128)
Size
6.4 kB (6383 bytes)
Hash
b1d40493665e2aa09fde467040151b4c
6e7fc8a918eb0aabea5578c410a7fb61fc6584d3
f208bff0cc4b6beef7f4358753ea695b96cf995f51f4240f16f814c7d560daf4

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/theme-core/js/revolution/extensions/revolution.extension.slideanims.min.js?ver=20151215 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: application/javascript
last-modified: Wed, 01 Jul 2020 17:02:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6383
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/themes/fexa/assets/js/wow.min.js?ver=1.0.0

198.187.31.167

200 OK

2.6 kB

URL HTTP/2
www.lepplawfirm.com/wp-content/themes/fexa/assets/js/wow.min.js?ver=1.0.0
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (8385)
Size
2.6 kB (2572 bytes)
Hash
107dc8412f1d1b5d592b7aa4e1cefe2b
8bf3c355236d4027cd8502e012385b6716208afa
36dc8ecf10c0d74fd942a7afc2304bb7f253c4479cd59f9945e39353ce0c6ae3

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/fexa/assets/js/wow.min.js?ver=1.0.0 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: application/javascript
last-modified: Wed, 01 Jul 2020 16:58:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2572
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution/extensions/revolution.extension.layeranimation.min.js?ver=20151215

198.187.31.167

200 OK

11 kB

URL HTTP/2
www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution/extensions/revolution.extension.layeranimation.min.js?ver=20151215
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (32013)
Size
11 kB (11404 bytes)
Hash
87cad64e3e429eb90f2241aced58c3b8
bd2cb68e7c67f447b1650df4b7364c904f703d6a
31ed66e8f577d0bbe81ef0d919c28fce3c50650c0248722565a06ab20b250fce

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/theme-core/js/revolution/extensions/revolution.extension.layeranimation.min.js?ver=20151215 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: application/javascript
last-modified: Wed, 01 Jul 2020 17:02:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11404
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/themes/fexa/assets/js/bootstrap.min.js?ver=1.0.0

198.187.31.167

200 OK

12 kB

URL HTTP/2
www.lepplawfirm.com/wp-content/themes/fexa/assets/js/bootstrap.min.js?ver=1.0.0
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (48664)
Size
12 kB (12542 bytes)
Hash
1920dcf98bdc1749f31cca2c8292382b
9ef9e32cd84342d91b482381406cc661a216fa10
f019376e66bddab543d57ee52002ff65d02dd74cdb32f437f3f4f1fa36fca994

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/fexa/assets/js/bootstrap.min.js?ver=1.0.0 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: application/javascript
last-modified: Wed, 01 Jul 2020 16:58:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12542
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/themes/fexa/assets/js/owl.carousel.min.js?ver=1.0.0

198.187.31.167

200 OK

11 kB

URL HTTP/2
www.lepplawfirm.com/wp-content/themes/fexa/assets/js/owl.carousel.min.js?ver=1.0.0
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (32000)
Size
11 kB (10649 bytes)
Hash
1b649a193df8c648d381cdda8dd268b4
f01dcdb5e3ede69da1d3e8556dcd993f0105b61d
dd2f2af9b8d391f704ec91ab6ef3e32ff56afacc88ba92b8a8834ca562de8bcb

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/fexa/assets/js/owl.carousel.min.js?ver=1.0.0 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: application/javascript
last-modified: Wed, 01 Jul 2020 16:58:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10649
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/themes/fexa/assets/js/mixitup.min.js?ver=1.0.0

198.187.31.167

200 OK

7.9 kB

URL HTTP/2
www.lepplawfirm.com/wp-content/themes/fexa/assets/js/mixitup.min.js?ver=1.0.0
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (29299), with CRLF line terminators
Size
7.9 kB (7883 bytes)
Hash
e82551cef25df4d8c6c47d2b3be01dc6
575adc8ef98e33abb5a36f9031a858780f6bfe78
51b23ca958027df696ded1ab2b59a28ebe5e19d157be2e4debfcc2de3354ad7c

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/fexa/assets/js/mixitup.min.js?ver=1.0.0 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: application/javascript
last-modified: Wed, 01 Jul 2020 16:58:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7883
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/themes/fexa/assets/js/skip-link-focus-fix.js?ver=1.0.0

198.187.31.167

200 OK

329 B

URL HTTP/2
www.lepplawfirm.com/wp-content/themes/fexa/assets/js/skip-link-focus-fix.js?ver=1.0.0
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
329 B (329 bytes)
Hash
3a64800773bfe595b239b145544f53ae
b3823f6ad4af9d8d5fef257fb0e0f051fe862850
94a59e936d6899110fbfd966c8ad7e8913af5f3cede1026f7369854346147e5b

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/fexa/assets/js/skip-link-focus-fix.js?ver=1.0.0 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: application/javascript
last-modified: Wed, 01 Jul 2020 16:58:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 329
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution/extensions/revolution.extension.actions.min.js?ver=20151215

198.187.31.167

200 OK

2.3 kB

URL HTTP/2
www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution/extensions/revolution.extension.actions.min.js?ver=20151215
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (7860)
Size
2.3 kB (2253 bytes)
Hash
c4b0570c01674d8858f5f75899a15608
e82c1914e6a9958be33c68308e2025212663cacd
41f9d555d82d438b3d78402afd2e126184f6114dac822e2e6dfac90747810b0e

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/theme-core/js/revolution/extensions/revolution.extension.actions.min.js?ver=20151215 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: application/javascript
last-modified: Wed, 01 Jul 2020 17:02:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2253
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3

198.187.31.167

200 OK

4.6 kB

URL HTTP/2
www.lepplawfirm.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (15660)
Size
4.6 kB (4619 bytes)
Hash
0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 15:26:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/themes/fexa/assets/js/jquery.waypoints.min.js?ver=1.0.0

198.187.31.167

200 OK

2.5 kB

URL HTTP/2
www.lepplawfirm.com/wp-content/themes/fexa/assets/js/jquery.waypoints.min.js?ver=1.0.0
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (7808)
Size
2.5 kB (2461 bytes)
Hash
c5caa8567f12989b5b77097e164196ac
a983cdf44314a6a2ab08b8c34290cc8861c0d8d8
5344e700c28cf98a8442240bf1f51a6de71b697369ab729ce1c90cfb42b3dea8

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/fexa/assets/js/jquery.waypoints.min.js?ver=1.0.0 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: application/javascript
last-modified: Wed, 01 Jul 2020 16:58:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2461
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/themes/fexa/assets/js/jquery.counterup.min.js?ver=1.0.0

198.187.31.167

200 OK

496 B

URL HTTP/2
www.lepplawfirm.com/wp-content/themes/fexa/assets/js/jquery.counterup.min.js?ver=1.0.0
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (917)
Size
496 B (496 bytes)
Hash
2232520d40c725142b8050168dc2f6cb
7cfcb359e148c475a6bc291058376798827de022
c958cb4dad52ed8fac81b75ea4ef6e900bbbf084487470d6c95daa4a0c0b56ea

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/fexa/assets/js/jquery.counterup.min.js?ver=1.0.0 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: application/javascript
last-modified: Wed, 01 Jul 2020 16:58:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 496
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/themes/fexa/assets/js/custom.js?ver=1.0.0

198.187.31.167

200 OK

2.2 kB

URL HTTP/2
www.lepplawfirm.com/wp-content/themes/fexa/assets/js/custom.js?ver=1.0.0
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
2.2 kB (2173 bytes)
Hash
0eab6886407e17eed13a3eec705ee3a7
7879aff7ca3ecd5a69bb5459d1feef2f5a990f24
9727b69f2257d9b92b6c76f38bbc7713eb4fc939181ce87d16dc11485d1b8ae0

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/fexa/assets/js/custom.js?ver=1.0.0 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: application/javascript
last-modified: Wed, 01 Jul 2020 16:58:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2173
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/themes/fexa/assets/js/navigation.js?ver=1.0.0

198.187.31.167

200 OK

966 B

URL HTTP/2
www.lepplawfirm.com/wp-content/themes/fexa/assets/js/navigation.js?ver=1.0.0
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
966 B (966 bytes)
Hash
5be960ad967ddc97877059334e5d18c8
b36f2c62ec9974f5b88602e24b7fc8c56f99aeab
69d80fcc62d066293e69eaa33cafd726c68d47a1039190e9a28680096f2231db

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/fexa/assets/js/navigation.js?ver=1.0.0 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: application/javascript
last-modified: Wed, 01 Jul 2020 16:58:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 966
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.0.5

198.187.31.167

200 OK

5.5 kB

URL HTTP/2
www.lepplawfirm.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.0.5
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (20382)
Size
5.5 kB (5548 bytes)
Hash
1cc3bfea5fa80bf9f2a441e1295f9ec1
de1999503eb5fc6d064550306343487b76e0a3c8
4cdba162e790be8c9b7d86d25ef8e71958ca26d34b5850a50ae155520b41620b

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.0.5 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: application/javascript
last-modified: Wed, 01 Jul 2020 17:02:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5548
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.3

198.187.31.167

200 OK

17 kB

URL HTTP/2
www.lepplawfirm.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.3
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (64614), with CRLF line terminators
Size
17 kB (17404 bytes)
Hash
6a14a3cd55e65364d78e4d446374f9c9
c49d5dd44284393f46b8654f2b322cd8115c2975
8cc406a6925a4c5fd8328e053d09decedfa0abed1c5bb5e0f1e823722e013ab5

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.3 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: application/javascript
last-modified: Wed, 01 Jul 2020 17:02:29 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 17404
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.3

198.187.31.167

200 OK

37 kB

URL HTTP/2
www.lepplawfirm.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.3
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (27287), with CRLF line terminators
Size
37 kB (37078 bytes)
Hash
35a51e38495aaf16a9afbedea89516d9
12728c5a9fa3a4c8ce7eda5691898cdf9edd4098
f0e12559fca9076577202ec712d76767eabb2c0c17791176fdb8ccd3768dc45b

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.3 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: application/javascript
last-modified: Wed, 01 Jul 2020 17:02:29 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 37078
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution/jquery.themepunch.tools.min.js?ver=20151215

198.187.31.167

200 OK

36 kB

URL HTTP/2
www.lepplawfirm.com/wp-content/plugins/theme-core/js/revolution/jquery.themepunch.tools.min.js?ver=20151215
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (27184)
Size
36 kB (36079 bytes)
Hash
99fad9870688aa88e55664c4d9dc9a00
ae27b7f82c272b98ebba82d123017bf3cb514fb8
4124c20d285ba0df06a7c131246c24f1ec0b28d2eda5c62df0876e367b2c2f80

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/theme-core/js/revolution/jquery.themepunch.tools.min.js?ver=20151215 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: application/javascript
last-modified: Wed, 01 Jul 2020 17:02:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 36079
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:00:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.lepplawfirm.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:52:41 GMT
expires: Tue, 05 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 292067
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/uploads/2020/07/testimonial-bg.jpg

198.187.31.167

200 OK

102 kB

URL HTTP/2
www.lepplawfirm.com/wp-content/uploads/2020/07/testimonial-bg.jpg
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x730, components 3\012- data
Size
102 kB (102304 bytes)
Hash
5441679fa1db96d5e5c44640e133c8b8
5f531aeb2b69169e6b5e6be166f1c8de6da131dc
84cca38d82996fc31be1444c51dad639248bc68484767d8ae1f49c6132909cbc

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/07/testimonial-bg.jpg HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: image/jpeg
last-modified: Wed, 01 Jul 2020 17:18:27 GMT
accept-ranges: bytes
content-length: 102304
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:00:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2

216.58.207.227

200 OK

36 kB

URL HTTP/2
fonts.gstatic.com/s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 35660, version 1.0\012- data
Size
36 kB (35660 bytes)
Hash
0d0d3e5824e5e67a9e993960df2b67a9
328d67bb1d5899a7809df9f4385181863fd035f1
38da98e06ba18c4204f547d30572cd81a2dd3fd5438d306856d2617480ee8639

HTTP Headers

GET /s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.lepplawfirm.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 08:31:54 GMT
expires: Fri, 08 Dec 2023 08:31:54 GMT
cache-control: public, max-age=31536000
age: 70115
last-modified: Mon, 15 Aug 2022 18:07:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/themes/fexa/assets/fonts/icomoon.ttf?ume250

198.187.31.167

200 OK

9.2 kB

URL HTTP/2
www.lepplawfirm.com/wp-content/themes/fexa/assets/fonts/icomoon.ttf?ume250
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Size
9.2 kB (9224 bytes)
Hash
39853666212f395555151ba2a0defd32
d1226669c38bff9de1dc3eb178cafe40afb4834b
0ae38567ab90772c70bfabfe3d9bb7ff3fa6ca023546f5f873275c59a88471a7

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/fexa/assets/fonts/icomoon.ttf?ume250 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/wp-content/themes/fexa/assets/css/main.css?ver=6.0.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:29 GMT
content-type: font/ttf
last-modified: Wed, 01 Jul 2020 16:58:26 GMT
accept-ranges: bytes
content-length: 9224
date: Fri, 09 Dec 2022 04:00:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/themes/fexa/assets/images/service-bg.jpg

198.187.31.167

200 OK

100 kB

URL HTTP/2
www.lepplawfirm.com/wp-content/themes/fexa/assets/images/service-bg.jpg
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x979, components 3\012- data
Size
100 kB (99926 bytes)
Hash
d2ce994bed1c13fe73fb7d24d2779a28
2131dd1392db81b74d0fa93f460d695eb34ff963
c2ede9bb804b7cd50fa98625cfac8795059ea44244c8f3a1cf3fc270fad8a54e

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/fexa/assets/images/service-bg.jpg HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/wp-content/themes/fexa/assets/css/main.css?ver=6.0.3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:29 GMT
content-type: image/jpeg
last-modified: Wed, 01 Jul 2020 16:58:26 GMT
accept-ranges: bytes
content-length: 99926
date: Fri, 09 Dec 2022 04:00:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/themes/fexa/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

198.187.31.167

200 OK

77 kB

URL HTTP/2
www.lepplawfirm.com/wp-content/themes/fexa/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/fexa/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.lepplawfirm.com/wp-content/themes/fexa/assets/css/vendor.css?ver=6.0.3
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:29 GMT
content-type: font/woff2
last-modified: Wed, 01 Jul 2020 16:58:26 GMT
accept-ranges: bytes
content-length: 77160
date: Fri, 09 Dec 2022 04:00:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/favicon.ico

198.187.31.167

404 Not Found

1.2 kB

URL HTTP/2
www.lepplawfirm.com/favicon.ico
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Fri, 09 Dec 2022 04:00:30 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

www.lepplawfirm.com/wp-content/uploads/2020/07/contact-bg.jpg

198.187.31.167

200 OK

452 kB

URL HTTP/2
www.lepplawfirm.com/wp-content/uploads/2020/07/contact-bg.jpg
IP
198.187.31.167:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1280, components 3\012- data
Size
452 kB (451796 bytes)
Hash
efe0ac872a05103b44114bfa958dbcec
712a9b5af78671a6ab17d190b4dacca35b0277e3
65d73cd36331118f09c4a19d4318563a9d654d12cd565dda9d3cd858f5efeee2

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/07/contact-bg.jpg HTTP/1.1
Host: www.lepplawfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 16 Dec 2022 04:00:27 GMT
content-type: image/jpeg
last-modified: Wed, 01 Jul 2020 17:18:19 GMT
accept-ranges: bytes
content-length: 451796
date: Fri, 09 Dec 2022 04:00:27 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F111d6163-0ce5-4897-9a84-a9cefa74d2a9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7694 bytes)
Hash
e00cf5825452b2f69b0ac859dccb64ab
60aed079c48181cf46cef4d1aaa1c316a7ef7048
3aea2aa14407b6ac9d64d0f35111fec50f51632adfc39047c15bde4afd148a78

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F111d6163-0ce5-4897-9a84-a9cefa74d2a9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7694
x-amzn-requestid: 0c67138c-1a6d-49ef-bd43-f9a7176679ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c2LZjFjrIAMFUSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63925909-764272151a0a4d284c6cb1bb;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 21:37:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aaEYG20Wueg557qEBq46sSUl3-_HxgZA73s-kPo3GmYgWgrGgFPl_Q==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:48:32 GMT
age: 22322
etag: "60aed079c48181cf46cef4d1aaa1c316a7ef7048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

themebeer.com/themes/fexa/wp-content/uploads/2019/07/logo-white.png

45.79.75.12

404 Not Found

0 B

URL HTTP/1.1
themebeer.com/themes/fexa/wp-content/uploads/2019/07/logo-white.png
IP
45.79.75.12:0
ASN
#63949 Linode, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/fexa/wp-content/uploads/2019/07/logo-white.png HTTP/1.1
Host: themebeer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 404 Not Found
Date: Fri, 09 Dec 2022 04:00:29 GMT
Server: Apache/2.4.29 (Ubuntu)
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://themebeer.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

themebeer.com/themes/fexa/wp-content/uploads/2019/07/logo-white.png

45.79.75.12

404 Not Found

0 B

URL HTTP/1.1
themebeer.com/themes/fexa/wp-content/uploads/2019/07/logo-white.png
IP
45.79.75.12:0
ASN
#63949 Linode, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/fexa/wp-content/uploads/2019/07/logo-white.png HTTP/1.1
Host: themebeer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 404 Not Found
Date: Fri, 09 Dec 2022 04:00:27 GMT
Server: Apache/2.4.29 (Ubuntu)
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://themebeer.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

themebeer.com/themes/fexa/wp-content/uploads/2019/07/logo.png

45.79.75.12

404 Not Found

0 B

URL HTTP/1.1
themebeer.com/themes/fexa/wp-content/uploads/2019/07/logo.png
IP
45.79.75.12:0
ASN
#63949 Linode, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/fexa/wp-content/uploads/2019/07/logo.png HTTP/1.1
Host: themebeer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 404 Not Found
Date: Fri, 09 Dec 2022 04:00:27 GMT
Server: Apache/2.4.29 (Ubuntu)
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://themebeer.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

themebeer.com/themes/fexa/wp-content/uploads/2019/07/logo.png

45.79.75.12

404 Not Found

0 B

URL HTTP/1.1
themebeer.com/themes/fexa/wp-content/uploads/2019/07/logo.png
IP
45.79.75.12:0
ASN
#63949 Linode, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /themes/fexa/wp-content/uploads/2019/07/logo.png HTTP/1.1
Host: themebeer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 404 Not Found
Date: Fri, 09 Dec 2022 04:00:29 GMT
Server: Apache/2.4.29 (Ubuntu)
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <http://themebeer.com/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

fonts.googleapis.com/css?family=Lora%3A400%2C700%2C700i%2C700i%7COpen+Sans%3A300%2C400%2C600%2C700%2C800&subset=latin%2Clatin-ext

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Lora%3A400%2C700%2C700i%2C700i%7COpen+Sans%3A300%2C400%2C600%2C700%2C800&subset=latin%2Clatin-ext
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Lora%3A400%2C700%2C700i%2C700i%7COpen+Sans%3A300%2C400%2C600%2C700%2C800&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.lepplawfirm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 04:00:27 GMT
date: Fri, 09 Dec 2022 04:00:27 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (31)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations