balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg.html
45.79.7.19 301 Moved Permanently 707 B URL HTTP/1.1 balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg.html
IP 45.79.7.19:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Malware
GET /about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg.html HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Fri, 23 Dec 2022 14:54:51 GMT
server: LiteSpeed
location: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
vary: User-Agent
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7e300ca7d2d586dd1ca0c185ef6b0da5
3914cfd3b7aa6e1d1117bf509319479e489ed2a4
91c8810ad137faf4393f7d15f9c619c06d124a7aaebfa21290dca614db2c7757
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "91C8810AD137FAF4393F7D15F9C619C06D124A7AAEBFA21290DCA614DB2C7757"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13740
Expires: Fri, 23 Dec 2022 18:43:51 GMT
Date: Fri, 23 Dec 2022 14:54:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ad598540c6639aaaa344fb3ce4f3162f
b0b9f86d50de7dc23bdc7aee2f45d79a06165afc
4e9aaff330ce0c9c11f6bb8502fe21296b1845151bace75f73908a3194d5d0a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4E9AAFF330CE0C9C11F6BB8502FE21296B1845151BACE75F73908A3194D5D0A1"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2695
Expires: Fri, 23 Dec 2022 15:39:46 GMT
Date: Fri, 23 Dec 2022 14:54:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 23 Dec 2022 14:46:09 GMT
content-type: application/json
age: 522
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 32167242c3bbe7e45a2a865279df94a6
d03436f418ff77d50a553daa892c05e0725ba908
d5578d537296da18f3f349a98465e9fe930dca60a8ed62c183e9c9f6eb53f493
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D5578D537296DA18F3F349A98465E9FE930DCA60A8ED62C183E9C9F6EB53F493"
Last-Modified: Wed, 21 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4386
Expires: Fri, 23 Dec 2022 16:07:57 GMT
Date: Fri, 23 Dec 2022 14:54:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: VBZyTKA7cFoYsUFBv5xCmcZHkX6g0z1C+cIXAZtccsVtKp+ZN4WoLk2SicINGtm8UFiz7ZUxN28=
x-amz-request-id: B0VBV8GBK1KS8H93
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 23 Dec 2022 13:56:13 GMT
age: 3518
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 14:54:51 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.demandforce.com/widget/css/widget.css
104.18.12.41 301 Moved Permanently 326 B URL HTTP/1.1 www.demandforce.com/widget/css/widget.css
IP 104.18.12.41:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f28f0fb9d51d8e331c51da566736f405
d6f878209c569a9f9d8af8f4cfba29bedbb3d9df
ec49c0a724212b2ae383dfc397ebcd9f00d00c062c398579f5e97f4e4deaeb63
GET /widget/css/widget.css HTTP/1.1
Host: www.demandforce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
HTTP/1.1 301 Moved Permanently
Date: Fri, 23 Dec 2022 14:54:52 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.demandforce.com/widget/css/widget.css
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 0
Expires: Fri, 23 Dec 2022 18:54:52 GMT
Cache-Control: public, max-age=14400
Server: cloudflare
CF-RAY: 77e1ef5898921bfe-OSL
balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
45.79.7.19 404 Not Found 18 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
IP 45.79.7.19:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13002), with CRLF, LF line terminators
Hash 614fa8246eb63c0e89caa9f83bb7abfb
5c68f529bfc539c0d1db9a030677044db23c1a55
82cdf0712ecf746efa433c3fbde6f94309cd4a284a46a614a698c03fb12b9d94
Analyzer Verdict Alert fortinet Malware
GET /about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://balanceepigeneticorthodontics.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: miss
content-length: 18042
content-encoding: gzip
vary: Accept-Encoding,User-Agent
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
fonts.googleapis.com/css?family=Open+Sans%3A800i%2C800%2C700i%2C700%2C600i%2C600%2C400i%2C400%2C300i%2C300%26subset%3Dvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic&ver=1.0.0
142.250.74.106 200 OK 1.1 kB URL HTTP/1.1 fonts.googleapis.com/css?family=Open+Sans%3A800i%2C800%2C700i%2C700%2C600i%2C600%2C400i%2C400%2C300i%2C300%26subset%3Dvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic&ver=1.0.0
IP 142.250.74.106:0
Hash 7d5978eb65ebf46f535000aeb7b83d11
d64c84281e4ca0605a4f4cc201edd15c2328a7f7
fffe03db40fdc7db46668277add134eb4886f80caa9faf08b9ca8360908e3ebd
GET /css?family=Open+Sans%3A800i%2C800%2C700i%2C700%2C600i%2C600%2C400i%2C400%2C300i%2C300%26subset%3Dvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 23 Dec 2022 14:54:52 GMT
Date: Fri, 23 Dec 2022 14:54:52 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash b607f3e2facf61a8586563ae137d81eb
fc07f3f509b1a8f592efe951cc92bc07f307609d
68fef95cdc9deeb6a115e2869f3420a1e62dc7a64fd270f84c437bcc04642cd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 14:54:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
balanceepigeneticorthodontics.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
45.79.7.19 200 OK 12 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 45.79.7.19:0
File type ASCII text, with very long lines (47826)
Hash 45b3843596f3eda24398e2c1f68ee268
4ad9a0e6ed85ca57c5d134aa5ca546e19910640d
f2784720bca9efcc4c4c3ab35d5fa3b523eb1915acc04a53273559907d352e36
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: text/css
last-modified: Wed, 16 Nov 2022 05:57:16 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 12489
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Pragma, Last-Modified, Expires, Alert, Content-Type, Retry-After, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 23 Dec 2022 14:08:02 GMT
age: 2810
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/css/grid.min.css?ver=6.1.1
45.79.7.19 200 OK 1.9 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/css/grid.min.css?ver=6.1.1
IP 45.79.7.19:0
File type ASCII text, with very long lines (12282), with no line terminators
Hash b967176734b9c258af3048cae5204f82
fc2c1e9ee59f424f44000d5bdea8a3f3d176c829
1fd49e8270863d6583996d7f9761f019552ee31430880f960b2ca6e1e732fe45
GET /wp-content/themes/norebro/assets/css/grid.min.css?ver=6.1.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 16:30:28 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 1850
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
45.79.7.19 200 OK 4.2 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 45.79.7.19:0
File type ASCII text, with very long lines (11126)
Hash c41f3a82e911de81a1817131069bc7d2
1e883290a0b794916cead41e5f0705716fd77b89
e9791f24770f098ea30bb4d25e2e10bdedb97132d0bbf7d2bd79eedac22efa27
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 14:36:06 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 4168
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 5bbbe997ad7dda55cefe3f369288dfd8
10afc4bcba85bb75610e44999a479883f11ee3d3
61e0b0c3c252a37d1059bb43be690fc0e430ee5eac89ed72f60ad3283d31d8d7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 14:54:52 GMT
Etag: "63a523d5-118"
Server: ECS (amb/6BA5)
Content-Length: 280
balanceepigeneticorthodontics.com/wp-includes/css/classic-themes.min.css?ver=1
45.79.7.19 200 OK 188 B URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-includes/css/classic-themes.min.css?ver=1
IP 45.79.7.19:0
Hash 8ac085745a5bcc97c54f8088973df029
4e065566e82d4623d0f5b4d9275d3ee29e15acd1
a0b69c3418ce7d86bcd33d370dec1ba31f2d9c143d932f52de7c4f98427a813f
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 05:47:35 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 188
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
45.79.7.19 200 OK 5.0 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 45.79.7.19:0
File type ASCII text, with very long lines (15660)
Hash 848f9aadf194f3d024a2a90dbd11e3b5
aecd4b03b5a7829c6ca015d926798dc95e4fa912
36ff79b2f6827e46be1df95ff739e536718c0ee4fc09462678b32d7abd60fc6c
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 11:26:24 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 5021
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.1
45.79.7.19 200 OK 995 B URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.1
IP 45.79.7.19:0
Hash 31fbd21f33f377b20dfd23858b3d6c36
411fb366aa169e2343b03e1d46d2b3eeca1831d2
7206ade2601b87b9aaa35be4ceaa86d474c398d11479a9e46f27cf2b571a28b8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: text/css
last-modified: Sat, 17 Dec 2022 19:47:20 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 995
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
45.79.7.19 200 OK 31 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 45.79.7.19:0
File type ASCII text, with very long lines (65447)
Hash cc5a8bfbf7d31fbc3022dc05e964a95c
81edda48c2c2c97bf79dea1ec91b89105e4ba00b
651c822702a9ac476c260fd37dccab6c3da8306ff6dd922e9d68cfa7863bfe42
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 05:47:36 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 31046
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-content/themes/norebro-child/style.css?ver=1.2.0
45.79.7.19 200 OK 599 B URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro-child/style.css?ver=1.2.0
IP 45.79.7.19:0
File type ASCII text, with CRLF line terminators
Hash 44334824710c2a096a0c6b4450768edb
8a81619a9ccac4ce5aedfbeeec3c73e8a5980f6b
276dfdf512491ac744dcf02d26bdff3ced312189cc464a85a3492aca13fdee19
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/norebro-child/style.css?ver=1.2.0 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 16:31:04 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 599
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c615c937e6371bda0824b44af0c21c74
b097d69452bcc60085f563d094388185c26f0e7d
9f1194921b5d57dd52a217a47e69ad4cec7c08378c73c8dfccc3817119fcbb41
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5511
Cache-Control: max-age=157426
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 14:54:52 GMT
Etag: "63a56fa7-1d7"
Expires: Sun, 25 Dec 2022 10:38:38 GMT
Last-Modified: Fri, 23 Dec 2022 09:06:47 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/css/ionicons.min.css?ver=6.1.1
45.79.7.19 200 OK 8.3 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/css/ionicons.min.css?ver=6.1.1
IP 45.79.7.19:0
File type Unicode text, UTF-8 text, with very long lines (50851)
Hash b3729c58bad09d820d1d7359aa33dbd6
89c22368b74c18bd1d0c23c3329978c8381f6775
81faf8e2ad5b847e2519bf65d300d4da516c97433e7da06311545811dbdd60a5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/norebro/assets/css/ionicons.min.css?ver=6.1.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 16:30:28 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 8262
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/css/aos.css?ver=6.1.1
45.79.7.19 200 OK 2.2 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/css/aos.css?ver=6.1.1
IP 45.79.7.19:0
File type ASCII text, with very long lines (25948), with no line terminators
Hash 9642b2bea9f59a2e0bc7407015351335
49a874e8db68eac8f1d851b8d7e94e5866b9651e
a2dfe701e9b4a28aaab0280556d748280d14ffe19a591541858ebeab8bd737c9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/norebro/assets/css/aos.css?ver=6.1.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 16:30:28 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 2223
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/fonts/fa/css/fontawesome.min.css?ver=6.1.1
45.79.7.19 200 OK 13 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/fonts/fa/css/fontawesome.min.css?ver=6.1.1
IP 45.79.7.19:0
File type ASCII text, with very long lines (58301)
Hash 1e10e489c37e0af53a976426df227e23
2b526479d6377d0c11e00fd6c77d736e2d07ff61
7f5ea936bfbfec4771790317284f671e76a91f2a66ebf11ad728f72ea0be93f2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/norebro/assets/fonts/fa/css/fontawesome.min.css?ver=6.1.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 16:30:28 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 12600
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
ocsp.godaddy.com/
192.124.249.24 200 OK 1.8 kB IP 192.124.249.24:0
Hash 49374a31eb1125644ceefa7d17583fc5
0c9ae6933cf0c5fd2b1fa13dc1b8c08f92bee6a9
85a8cbef54a80af67ebea71a48ed697897b432c3bffdf6635fbd348dbdb4c2f6
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 74
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 23 Dec 2022 14:54:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1776
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 22 Dec 2022 21:12:02 GMT
Expires: Fri, 23 Dec 2022 21:12:02 GMT
ETag: "0c9ae6933cf0c5fd2b1fa13dc1b8c08f92bee6a9"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
balanceepigeneticorthodontics.com/wp-content/themes/norebro/style.css?ver=6.1.1
45.79.7.19 200 OK 76 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/style.css?ver=6.1.1
IP 45.79.7.19:0
File type assembler source, ASCII text, with very long lines (867)
Hash 19c93f6594725445d67209314591373b
3858d7fed46fa4f2046bdd9a2732ee5a0a40f9fd
a94504812190a0100404d16bebb552ba5fa666b429152dbb3d694f6f97e07570
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/norebro/style.css?ver=6.1.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 16:30:32 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 75946
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
www.demandforce.com/widget/css/widget.css
104.18.12.41 200 OK 10 kB URL HTTP/2 www.demandforce.com/widget/css/widget.css
IP 104.18.12.41:0
Hash 87b69eedf7b2340537fe02bd18f5e2fd
f222da253e75b85bf0d355b4273654e7d66bcf5c
fc10eac6b7d9ab3b05f6144a11d41d246994ffda5b5078c72d7eee885f375f58
GET /widget/css/widget.css HTTP/1.1
Host: www.demandforce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://balanceepigeneticorthodontics.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 14:54:52 GMT
content-type: text/css
content-length: 10231
last-modified: Wed, 03 Apr 2019 20:10:34 GMT
etag: "9854-585a5d8a3b4a0"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
expires: Fri, 23 Dec 2022 18:54:52 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 77e1ef5a3b58b524-OSL
X-Firefox-Spdy: h2
balanceepigeneticorthodontics.com/wp-content/plugins/slider-revolution/public/assets/css/rs6.css?ver=6.5.25
45.79.7.19 200 OK 12 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/plugins/slider-revolution/public/assets/css/rs6.css?ver=6.5.25
IP 45.79.7.19:0
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash ffb77e1068f394546172fe07f63b57e3
7f50c1c0cbfbc38933933cc8cefe40856b39d230
10a040d653c1c253bd6bc4dc3555d4fe49283f745c0a34f24c313857e2ef4b5f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/slider-revolution/public/assets/css/rs6.css?ver=6.5.25 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: text/css
last-modified: Mon, 08 Aug 2022 17:45:02 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 12522
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.1
45.79.7.19 200 OK 3.0 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.1
IP 45.79.7.19:0
File type ASCII text, with very long lines (10565), with no line terminators
Hash 0673e7e3ff602fbf7abf8f06e158beeb
3b3ef5976363007beb22cbb5b858495278fde81f
97815e1e2325d8b0dafa2fd1160481fd56dd327925852a70fe80a8d847605a5e
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Sat, 17 Dec 2022 19:47:20 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 3047
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash f749dc700a7fa1d681dba5fbb621049b
6dce438c8460139b20c6ce6d8adcd9a2e501ad03
07bde7d791de3fc6ee6e1a0f466c5187170cc40d95871bc9bd63219ddf04fed7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=155170
Date: Fri, 23 Dec 2022 14:54:52 GMT
Etag: "63a57c5e-1d7"
Expires: Sun, 25 Dec 2022 10:01:02 GMT
Last-Modified: Fri, 23 Dec 2022 10:01:02 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6zdARB7xiOntvUx_K0mKy-b6d_K0js2QUXdX9dQ1HlmIQtI17YNClg==
balanceepigeneticorthodontics.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.1
45.79.7.19 200 OK 4.1 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.1
IP 45.79.7.19:0
File type HTML document, ASCII text, with very long lines (12652), with no line terminators
Hash 06aa04bc71f0b8f1c7bd1a08685e7aaa
5d8a56f8e80b347072968dc59613f07e22d089e0
e47d09865d5f028aab31c5312606be533eb61fcce601ec6f79ada41112dcf35a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Sat, 17 Dec 2022 19:47:20 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 4071
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
dni.logmycalls.com/dni.js?app_id=CT
34.85.193.217 200 OK 9.9 kB URL HTTP/1.1 dni.logmycalls.com/dni.js?app_id=CT
IP 34.85.193.217:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type exported SGML document, ASCII text, with very long lines (9867), with no line terminators
Hash ced6ccfdc6a78dc6af7699bca0f7ddcc
5d6f35c34bdf5ad5143654f58e6c8a257677f944
31727cbf910529ec8a9419a97062d31a19f227ce859aff89abf369293fc0dcf5
GET /dni.js?app_id=CT HTTP/1.1
Host: dni.logmycalls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Status: 200 OK
X-DNS-Prefetch-Control: off
Access-Control-Allow-Origin: *
Date: Fri, 23 Dec 2022 14:54:52 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Permitted-Cross-Domain-Policies: none
Expect-CT: max-age=0
X-XSS-Protection: 0
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Powered-By: Phusion Passenger(R) 6.0.15
Server: nginx/1.14.0 + Phusion Passenger(R) 6.0.15
balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/js/woocommerce-hack.js?ver=6.1.1
45.79.7.19 200 OK 2.6 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/js/woocommerce-hack.js?ver=6.1.1
IP 45.79.7.19:0
Hash b756ebe418e2b3c0520058ddd66b9893
b1a843c4975dd742fcdae043f64caf7271976ea3
76f7bcd59cd640f70257f00a85200dbc5e54f8b653719b345ff48ced0758b7e3
GET /wp-content/themes/norebro/assets/js/woocommerce-hack.js?ver=6.1.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Wed, 16 Feb 2022 16:30:32 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 2560
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
cdn.oribi.io/Xy02NjU5MjM2NzU/oribi.js
143.204.55.97 301 Moved Permanently 167 B URL HTTP/1.1 cdn.oribi.io/Xy02NjU5MjM2NzU/oribi.js
IP 143.204.55.97:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /Xy02NjU5MjM2NzU/oribi.js HTTP/1.1
Host: cdn.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 23 Dec 2022 14:54:52 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://cdn.oribi.io/Xy02NjU5MjM2NzU/oribi.js
X-Cache: Redirect from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1fiBmm2BaZE2lHotQRuqvhtXz28KhHq5HE8ZCJ3mplbGUSkkqVvlig==
balanceepigeneticorthodontics.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
45.79.7.19 200 OK 1.8 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 45.79.7.19:0
File type ASCII text, with very long lines (5477)
Hash 5bc847fcae1a1a6c4b7f79c00d2b7e29
b2237db0dd679c2c8e397e833f04df00d43165e7
bfa7a74e5830c0c26da7ccc50b8e44b401ce1ee8604fceb62e6c1310c47ddb2a
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Sun, 14 Jun 2020 00:23:28 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 1831
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-includes/js/masonry.min.js?ver=4.2.2
45.79.7.19 200 OK 7.4 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-includes/js/masonry.min.js?ver=4.2.2
IP 45.79.7.19:0
File type ASCII text, with very long lines (23966)
Hash c64ef876a5380269bf01eee5dc898d2c
ec456158fe4cf279a2ce25a613fc97202acf2b87
6a084e003863350fb53e74d1b75d732cdfd0489a8f1b15907b406f64a40c95be
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Sun, 14 Jun 2020 00:23:28 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 7376
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 305e61785b6a439d62cc6d1eb782acf0
51c1e3e213b20326f9b0a6089a07d64559945d85
b04548c1d4e00ddc872aad4bd3b532cade0bf423138620e351a6d58a2e8f19fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 14:54:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
balanceepigeneticorthodontics.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
45.79.7.19 200 OK 715 B URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
IP 45.79.7.19:0
File type ASCII text, with very long lines (1626)
Hash 46cfee7a6b6ed76c0fd609b98415e886
27a59318b05327183e1b7807e2071626f4a08419
21245efcfeb0ee1d850f895f472eca45c5d471e10f03e8f10e826218be1c356a
GET /wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Fri, 19 Aug 2016 00:25:30 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 715
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
www.googletagmanager.com/gtm.js?id=GTM-W27769H
142.250.74.40 404 Not Found 1.6 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-W27769H
IP 142.250.74.40:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 151f57e36ef3209fba4d8d79ba1b64cd
8adaaa7dd6bf4c6f257bf656deb83d3ea641a38f
6cb7d087e2eaf9eacf97c7d8b33deb3e7af2f2ec1f79343745a627ef91efbf44
GET /gtm.js?id=GTM-W27769H HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 14:54:52 GMT
content-type: text/html; charset=UTF-8
server: Google Tag Manager
content-length: 1582
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
balanceepigeneticorthodontics.com/wp-includes/js/underscore.min.js?ver=1.13.4
45.79.7.19 200 OK 7.3 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-includes/js/underscore.min.js?ver=1.13.4
IP 45.79.7.19:0
File type ASCII text, with very long lines (18798)
Hash 0c9eb324833063b3a6a228188ad9d13b
bbb190b8d2486021226d46c78760f08939091642
d51a7349f49dc8eb8ace6c9100379db1c36fac3d981eaf008f8755d20b421632
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 05:47:36 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 7331
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
push.services.mozilla.com/
35.86.38.2 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.86.38.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +ovQqn4cypnvMQAqnPmZVg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xE1P43Tv9tl64Kw8CICT+oLbXc8=
chimpstatic.com/mcjs-connected/js/users/35c9ceaeb5ce119bc2ce9d775/82525d81be479c7bca258a4c6.js
96.6.17.210 200 OK 50 B URL HTTP/1.1 chimpstatic.com/mcjs-connected/js/users/35c9ceaeb5ce119bc2ce9d775/82525d81be479c7bca258a4c6.js
IP 96.6.17.210:0
Hash 104d46a3208b40e8ded389332f5a78a3
4ab55ccb2972e9a3cb62c65c97308c2450a682bb
f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f
GET /mcjs-connected/js/users/35c9ceaeb5ce119bc2ce9d775/82525d81be479c7bca258a4c6.js HTTP/1.1
Host: chimpstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: WzY2nBZyiG5g1YwCHLyWp+wqcWwBWg/Kw7kYtYbTdvyahJ4k0VCzsI37IxJ3RtDFAayS80hb+xY=
x-amz-request-id: 4AN4VBJ8FHVA3SZK
Last-Modified: Wed, 06 Mar 2019 00:07:44 GMT
ETag: "104d46a3208b40e8ded389332f5a78a3"
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 50
X-EdgeConnect-MidMile-RTT: 6, 18, 17
X-EdgeConnect-Origin-MEX-Latency: 106, 97, 100
Cache-Control: max-age=1800
Expires: Fri, 23 Dec 2022 15:24:52 GMT
Date: Fri, 23 Dec 2022 14:54:52 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash b4064cd37eb4b1ac411189b0a7427ab4
23d775267bf9350ab08b1b28580ee5593b146d61
dc9c41cc8379d77eaba4bccb038ccd4e3b9cde1571cfe0e102c91b01881e239f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 14:54:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/js/libs/aos.js?ver=6.1.1
45.79.7.19 200 OK 4.4 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/js/libs/aos.js?ver=6.1.1
IP 45.79.7.19:0
File type ASCII text, with very long lines (12537), with no line terminators
Hash f019306f65f7f0ad261bc292cdd031c2
66bd022c43e08bc074f2b3aef4c8e086924abe73
986fb70395a179818a0311e8492d82c93b4bdfcc0110974e24973af87f0a079d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/norebro/assets/js/libs/aos.js?ver=6.1.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Wed, 16 Feb 2022 16:30:30 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 4353
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.9.0
45.79.7.19 200 OK 10 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.9.0
IP 45.79.7.19:0
File type ASCII text, with very long lines (32004)
Hash ff3e2843e4763053c3b03331405478fc
1fb3b2858ea5b5214d3fe094605a37cd8550acce
59b1fa971d986adf33fd149014b2609e50f27f33fe3feafdf6307b60635d69a4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.9.0 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 17:45:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 9985
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
firebasestorage.googleapis.com/v0/b/deardoc-embed-codes.appspot.com/o/Balance%20Epigenetic%20Orthodontics%2FBalance%20Epigenetic%20Orthodontics%20-%20David%20Buck%2Fcode.js?alt=media&token=fc4ec38f-2fc3-4c51-a74f-84b34c7db37e
172.217.21.170 200 OK 1.7 kB URL HTTP/2 firebasestorage.googleapis.com/v0/b/deardoc-embed-codes.appspot.com/o/Balance%20Epigenetic%20Orthodontics%2FBalance%20Epigenetic%20Orthodontics%20-%20David%20Buck%2Fcode.js?alt=media&token=fc4ec38f-2fc3-4c51-a74f-84b34c7db37e
IP 172.217.21.170:0
File type ASCII text, with very long lines (1709), with no line terminators
Hash df4e0385a60b253cb14b07d4f1240f8c
3212a60537e3455f7d5b319f4ebb840b44569859
40758cf86ddb7e6919e0042e69961c9393b71c18e21af6a47b5aed2be4f60144
GET /v0/b/deardoc-embed-codes.appspot.com/o/Balance%20Epigenetic%20Orthodontics%2FBalance%20Epigenetic%20Orthodontics%20-%20David%20Buck%2Fcode.js?alt=media&token=fc4ec38f-2fc3-4c51-a74f-84b34c7db37e HTTP/1.1
Host: firebasestorage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsRWFWVVFvd5TSJa17FggpR49LGSikOq5H6OJeTCPkJjZEdQRgNL2a8cnU2TMwbAmxNu3AAhVjE72UQLm2G01Dcew
expires: Fri, 23 Dec 2022 14:54:52 GMT
date: Fri, 23 Dec 2022 14:54:52 GMT
cache-control: private, max-age=0
last-modified: Wed, 21 Dec 2022 21:22:44 GMT
etag: "df4e0385a60b253cb14b07d4f1240f8c"
x-goog-generation: 1671657764130909
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1709
x-goog-meta-firebasestoragedownloadtokens: 67366063-bae2-472c-8b61-d9a4289c9600
content-type: text/javascript
content-disposition: inline; filename*=utf-8''code.js
x-goog-hash: crc32c=Baxc1Q==, md5=304DhaYLJTyxSwfU8SQPjA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 1709
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
balanceepigeneticorthodontics.com/wp-content/plugins/slider-revolution/public/assets/js/rbtools.min.js?ver=6.5.18
45.79.7.19 200 OK 49 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/plugins/slider-revolution/public/assets/js/rbtools.min.js?ver=6.5.18
IP 45.79.7.19:0
File type ASCII text, with very long lines (45108), with CRLF line terminators
Hash 48bb4c7f2e930b77a14a7b4b864699e9
d59f7f01e0ded74b188bf1f04dbaa0d84312325c
f12f65abd29d322e6e8ddefc6935c9fd841b1f90b7769ef0b97fea985dc816e8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/slider-revolution/public/assets/js/rbtools.min.js?ver=6.5.18 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 17:45:02 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 48944
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-content/plugins/slider-revolution/public/assets/js/rs6.min.js?ver=6.5.25
45.79.7.19 200 OK 102 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/plugins/slider-revolution/public/assets/js/rs6.min.js?ver=6.5.25
IP 45.79.7.19:0
File type ASCII text, with very long lines (64288)
Size 102 kB (102257 bytes)
Hash 854fb0d3ae424cb2aedb9b106e00542d
64e409b0c960c0f67978f3f8725973d08f71f15b
8787aa1817eaaf083d2c32807be4b0478ba74308c207e71d2ead8e5520caddaa
GET /wp-content/plugins/slider-revolution/public/assets/js/rs6.min.js?ver=6.5.25 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 17:45:02 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 102257
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/js/libs/jquery.mega-menu.min.js?ver=6.1.1
45.79.7.19 200 OK 4.0 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/js/libs/jquery.mega-menu.min.js?ver=6.1.1
IP 45.79.7.19:0
File type ASCII text, with very long lines (15661)
Hash f9cd000931604fc9d05d7a851a98aef2
0efc9cffbe045e966095ed0b294bcda5e743767c
3a467fd637cdfe95dc33a8c111ee8a3575a84582eab8657f52ab4c6c5b863bcc
GET /wp-content/themes/norebro/assets/js/libs/jquery.mega-menu.min.js?ver=6.1.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Wed, 16 Feb 2022 16:30:30 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 3957
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/js/navigation.js?ver=1.0.0
45.79.7.19 200 OK 1.2 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/js/navigation.js?ver=1.0.0
IP 45.79.7.19:0
Hash cdf749824266184df4443235fafc74ce
33008dfde3619bb5eda208ba1bfd3e18d8293309
29c5dea85d89c6fe6f000c347f514fa67fb765fd13747ef68c422ff830e30ed2
GET /wp-content/themes/norebro/assets/js/navigation.js?ver=1.0.0 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Wed, 16 Feb 2022 16:30:32 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 1167
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash b607f3e2facf61a8586563ae137d81eb
fc07f3f509b1a8f592efe951cc92bc07f307609d
68fef95cdc9deeb6a115e2869f3420a1e62dc7a64fd270f84c437bcc04642cd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 14:54:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.oribi.io/Xy02NjU5MjM2NzU/oribi.js
143.204.55.97 200 OK 3 B URL HTTP/2 cdn.oribi.io/Xy02NjU5MjM2NzU/oribi.js
IP 143.204.55.97:0
File type JSON data\012- , ASCII text
Hash 8a80554c91d9fca8acb82f023de02f11
5f36b2ea290645ee34d943220a14b54ee5ea5be5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
GET /Xy02NjU5MjM2NzU/oribi.js HTTP/1.1
Host: cdn.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://balanceepigeneticorthodontics.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=UTF-8
content-length: 3
date: Fri, 23 Dec 2022 14:54:52 GMT
cache-control: public, max-age=60
x-cache: Miss from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 00IGTglhUMbB4lbmIwncYiS7m9GQDQ_JQtS8iHIeszQtipTOk9xbHg==
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163 200 OK 45 kB URL HTTP/1.1 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://balanceepigeneticorthodontics.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 44856
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 19 Dec 2022 21:40:09 GMT
Expires: Tue, 19 Dec 2023 21:40:09 GMT
Cache-Control: public, max-age=31536000
Age: 321284
Last-Modified: Mon, 15 Aug 2022 18:20:18 GMT
Content-Type: font/woff2
balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/js/skip-link-focus-fix.js?ver=1.0.0
45.79.7.19 200 OK 489 B URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/js/skip-link-focus-fix.js?ver=1.0.0
IP 45.79.7.19:0
Hash 0f3f620723b9e2acdc5abd4e1f2e4e71
1bf39c083fa5c5a1f0619287454076a691ea0a51
367a5a9b89b6cdc611e4eee2286c27df47a49a8a96bd5acd4326d8848a143aa8
GET /wp-content/themes/norebro/assets/js/skip-link-focus-fix.js?ver=1.0.0 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:53 GMT
content-type: application/javascript
last-modified: Wed, 16 Feb 2022 16:30:32 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 489
date: Fri, 23 Dec 2022 14:54:53 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/js/libs/owl.carousel.min.js?ver=6.1.1
45.79.7.19 200 OK 11 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/js/libs/owl.carousel.min.js?ver=6.1.1
IP 45.79.7.19:0
File type ASCII text, with very long lines (32000)
Hash a887cebbad63de094ca671c2c39532c8
ebf38f6f34d0c03368cc5120cebc469edc964340
471b9524213fd20d992306836cd6d74c2c8e318d78e1fb18ee6186c9322ad008
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/norebro/assets/js/libs/owl.carousel.min.js?ver=6.1.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:53 GMT
content-type: application/javascript
last-modified: Wed, 16 Feb 2022 16:30:30 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 10951
date: Fri, 23 Dec 2022 14:54:53 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/js/main.js?ver=6.1.1
45.79.7.19 200 OK 20 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/js/main.js?ver=6.1.1
IP 45.79.7.19:0
Hash f8455331b66447563c00856bf0dd9ddd
c264bdd12b43db534479d60387cb8259005da622
28216511bf06fc814e8ee8933290b96ba699dbd35937349025ace2a4f58f0cbb
GET /wp-content/themes/norebro/assets/js/main.js?ver=6.1.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:53 GMT
content-type: application/javascript
last-modified: Wed, 16 Feb 2022 16:30:30 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 19859
date: Fri, 23 Dec 2022 14:54:53 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/images/scroll-top.svg
45.79.7.19 200 OK 504 B URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/images/scroll-top.svg
IP 45.79.7.19:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 66c18e69f6bdb02ed50d000f267629de
b025792508454280d9f428df4f99459faff1f401
7f00bbfcb3df15fcafc9af9f331bf315faa985e2755a92222db3a1746b473fe9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/norebro/assets/images/scroll-top.svg HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:53 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 16:30:30 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 504
date: Fri, 23 Dec 2022 14:54:53 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/fonts/fa/webfonts/fa-brands-400.woff2
45.79.7.19 200 OK 77 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/fonts/fa/webfonts/fa-brands-400.woff2
IP 45.79.7.19:0
File type Web Open Font Format (Version 2), TrueType, length 77400, version 331.17301\012- data
Hash cac68c831145804808381a7032fdc7c2
62584b9868428fd75af3fc5ee2f9918dda428be5
1c87d2b26de7d55c66037916bbb4cba6c791da0e2adfa378332678ff13e12d9d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/norebro/assets/fonts/fa/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/fonts/fa/css/fontawesome.min.css?ver=6.1.1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:53 GMT
content-type: font/woff2
last-modified: Wed, 16 Feb 2022 16:30:28 GMT
accept-ranges: bytes
content-length: 77400
date: Fri, 23 Dec 2022 14:54:53 GMT
server: LiteSpeed
vary: User-Agent
balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/fonts/fa/webfonts/fa-solid-900.woff2
45.79.7.19 200 OK 80 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/fonts/fa/webfonts/fa-solid-900.woff2
IP 45.79.7.19:0
File type Web Open Font Format (Version 2), TrueType, length 80148, version 331.17301\012- data
Hash c500da19d776384ba69573ae6fe274e7
6290834672aba86d5b6c1c73b30b57c9c53996f7
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/norebro/assets/fonts/fa/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/fonts/fa/css/fontawesome.min.css?ver=6.1.1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:53 GMT
content-type: font/woff2
last-modified: Wed, 16 Feb 2022 16:30:28 GMT
accept-ranges: bytes
content-length: 80148
date: Fri, 23 Dec 2022 14:54:53 GMT
server: LiteSpeed
vary: User-Agent
balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/fonts/ionicons/ionicons.ttf?v=2.0.0
45.79.7.19 200 OK 109 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/fonts/ionicons/ionicons.ttf?v=2.0.0
IP 45.79.7.19:0
File type TrueType Font data, 15 tables, 1st "FFTM", 14 names, Macintosh\012- data
Size 109 kB (109188 bytes)
Hash dd0f9f2b8276e5dba2c6263792a03c56
3def20cac583e3bc367b3626608bd0f1f91aabe7
5e7ac037f8b9deedaa097a6ce952c75521cc92a5682022ff0b332227e50c9efd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/norebro/assets/fonts/ionicons/ionicons.ttf?v=2.0.0 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/css/ionicons.min.css?ver=6.1.1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:53 GMT
content-type: font/ttf
last-modified: Wed, 16 Feb 2022 16:30:30 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 109188
date: Fri, 23 Dec 2022 14:54:53 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-content/uploads/2022/08/whitelogo.png
45.79.7.19 200 OK 28 kB URL HTTP/2 balanceepigeneticorthodontics.com/wp-content/uploads/2022/08/whitelogo.png
IP 45.79.7.19:0
File type PNG image data, 314 x 63, 8-bit/color RGBA, non-interlaced\012- data
Hash e80710394ceadece2550850450c6a1ff
11f9e1f15604605a5784b87dd5f1cd66a7d95980
fc72418e9ccaffd6c1a45527b24ade9af1141634e8ce8438c6b350b60d0e5ffd
GET /wp-content/uploads/2022/08/whitelogo.png HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:53 GMT
content-type: image/png
last-modified: Wed, 17 Aug 2022 18:09:59 GMT
accept-ranges: bytes
content-length: 27839
date: Fri, 23 Dec 2022 14:54:53 GMT
server: LiteSpeed
vary: User-Agent
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.24 200 OK 1.8 kB IP 192.124.249.24:0
Hash 7ec18de79114419fdce45deffa982afc
fb28d27513c216013e7aee81f438bb9bb211a706
b7e2e7fb3a5ffd7d2ad589dfb78984004eaa22c7e60e51ee8a2d0bcb34ccc296
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 23 Dec 2022 14:54:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 22 Dec 2022 20:42:08 GMT
Expires: Fri, 23 Dec 2022 20:42:08 GMT
ETag: "fb28d27513c216013e7aee81f438bb9bb211a706"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
balanceepigeneticorthodontics.com/wp-json/contact-form-7/v1/contact-forms/5/feedback/schema
45.79.7.19 200 OK 161 B URL HTTP/2 balanceepigeneticorthodontics.com/wp-json/contact-form-7/v1/contact-forms/5/feedback/schema
IP 45.79.7.19:0
File type JSON data\012- , ASCII text, with very long lines (391), with no line terminators
Hash 4b59e8f78ac752aebe87982d779b8e01
903355ec44fac9ba40d78497960b84f57a3fc2be
a2b8a38577ce996a1122fc90d484d7315f44c0b98177a4ce56c70f529ebe5aa9
Analyzer Verdict Alert fortinet Malware
GET /wp-json/contact-form-7/v1/contact-forms/5/feedback/schema HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://balanceepigeneticorthodontics.com/
Origin: http://balanceepigeneticorthodontics.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
x-robots-tag: noindex
link: <https://balanceepigeneticorthodontics.com/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
vary: Origin,Accept-Encoding,User-Agent
etag: "2133-1671737406;br"
x-litespeed-cache: hit
content-encoding: br
content-length: 161
date: Fri, 23 Dec 2022 14:54:53 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ip.convirza.com/ip?
35.221.53.63 200 OK 21 B IP 35.221.53.63:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JSON data\012- , ASCII text, with no line terminators
Hash 7d69c71af0f191e9a72db6153f8018d1
f67c5f2887bc05654b47f76e9621e53a4091aed1
5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65
GET /ip? HTTP/1.1
Host: ip.convirza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://balanceepigeneticorthodontics.com
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 21
Connection: keep-alive
Status: 200 OK
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
Access-Control-Allow-Credentials: true
Date: Fri, 23 Dec 2022 14:54:53 GMT
ETag: W/"15-9nxfKIe8BWVLR/duliHlOkCRrtE"
X-Powered-By: Express, Phusion Passenger(R) 6.0.15
Server: nginx/1.14.0 + Phusion Passenger(R) 6.0.15
balanceepigeneticorthodontics.com/wp-content/uploads/2022/08/Buck-1.png
45.79.7.19 200 OK 76 kB URL HTTP/2 balanceepigeneticorthodontics.com/wp-content/uploads/2022/08/Buck-1.png
IP 45.79.7.19:0
File type PNG image data, 291 x 171, 8-bit/color RGB, non-interlaced\012- data
Hash b5ef1a65eb8b40bc527714bf19c958a6
78f7ae74f26968f1ea8350fdc3397b0a12b1d613
1f19265d36bb4c428cb73ffcb552006de179fd00f28acb550eb917b2638d4394
GET /wp-content/uploads/2022/08/Buck-1.png HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:53 GMT
content-type: image/png
last-modified: Wed, 17 Aug 2022 22:10:47 GMT
accept-ranges: bytes
content-length: 75604
date: Fri, 23 Dec 2022 14:54:53 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
balanceepigeneticorthodontics.com/wp-content/uploads/2022/08/Buck-3.jpg
45.79.7.19 200 OK 109 kB URL HTTP/2 balanceepigeneticorthodontics.com/wp-content/uploads/2022/08/Buck-3.jpg
IP 45.79.7.19:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 845x853, components 3\012- data
Size 109 kB (109074 bytes)
Hash 963e81f58dd985047e68102f6846d016
1a2f19a367be5f73d038996f4b54186af4a5ab98
fa79c3cce301dc180735aea46299aafe328217dca3642fe748175a427514b514
GET /wp-content/uploads/2022/08/Buck-3.jpg HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:53 GMT
content-type: image/jpeg
last-modified: Wed, 17 Aug 2022 22:10:47 GMT
accept-ranges: bytes
content-length: 109074
date: Fri, 23 Dec 2022 14:54:53 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
balanceepigeneticorthodontics.com/wp-content/uploads/2022/08/Buck-2.png
45.79.7.19 200 OK 99 kB URL HTTP/2 balanceepigeneticorthodontics.com/wp-content/uploads/2022/08/Buck-2.png
IP 45.79.7.19:0
File type PNG image data, 273 x 209, 8-bit/color RGB, non-interlaced\012- data
Hash 8dd41977ad98559aa872047c0e256c5a
4bd725d10fc0e92681b8f13820f981dcbe44f190
245a0a798b1c16764a04261e7205a61672108f1e25c5fe3f5627f6e95b935218
GET /wp-content/uploads/2022/08/Buck-2.png HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:53 GMT
content-type: image/png
last-modified: Wed, 17 Aug 2022 22:10:47 GMT
accept-ranges: bytes
content-length: 99005
date: Fri, 23 Dec 2022 14:54:53 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
balanceepigeneticorthodontics.com/wp-content/uploads/2022/08/Buck-4.jpg
45.79.7.19 200 OK 100 kB URL HTTP/2 balanceepigeneticorthodontics.com/wp-content/uploads/2022/08/Buck-4.jpg
IP 45.79.7.19:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 841x787, components 3\012- data
Size 100 kB (100250 bytes)
Hash e2e14c31d240583b7405aeccf264f669
c0bcf14cef9c55c00eaff47f5ce218382179c1bf
328b34ffe0d79167f37dfa01f60bd069f0c0308da7eb2ad6a9dda40be72f8f19
GET /wp-content/uploads/2022/08/Buck-4.jpg HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:53 GMT
content-type: image/jpeg
last-modified: Wed, 17 Aug 2022 22:10:47 GMT
accept-ranges: bytes
content-length: 100250
date: Fri, 23 Dec 2022 14:54:53 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
balanceepigeneticorthodontics.com/wp-content/uploads/2022/11/shutterstock_2036186195.jpg
45.79.7.19 200 OK 342 kB URL HTTP/2 balanceepigeneticorthodontics.com/wp-content/uploads/2022/11/shutterstock_2036186195.jpg
IP 45.79.7.19:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1000x667, components 3\012- data
Size 342 kB (341789 bytes)
Hash 1015c2b4017ad472c70b307da7396b5e
91c975a1ba71f1527a23d33e35c98ab62a439f1c
ea47050d29811cbafa845e46447479f59c7d060da7dce8708addd98cd35fbe9a
GET /wp-content/uploads/2022/11/shutterstock_2036186195.jpg HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:53 GMT
content-type: image/jpeg
last-modified: Wed, 30 Nov 2022 22:05:34 GMT
accept-ranges: bytes
content-length: 341789
date: Fri, 23 Dec 2022 14:54:53 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
dni.logmycalls.com/load_dni?ref=&code=264b04062f16e0a09354779b624c1eff&host=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F61abb03e09107160395ae1c94d05f7d2%2Fjpg&browser=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&ip_host=91.90.42.154&is_dni=&app_host=dni.logmycalls.com&elements=&
34.85.193.217 200 OK 561 B URL HTTP/1.1 dni.logmycalls.com/load_dni?ref=&code=264b04062f16e0a09354779b624c1eff&host=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F61abb03e09107160395ae1c94d05f7d2%2Fjpg&browser=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&ip_host=91.90.42.154&is_dni=&app_host=dni.logmycalls.com&elements=&
IP 34.85.193.217:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JSON data\012- , ASCII text, with very long lines (561), with no line terminators
Hash d8c218e14a554d9881d09b5e79f7fa60
2c92c69fc0cbd871651840ee2bacacd3266ae7ce
75a8c3fd39d39a7aa6be8e34934f47c7529ae04afacf90c49b9a56bcb451def3
GET /load_dni?ref=&code=264b04062f16e0a09354779b624c1eff&host=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F61abb03e09107160395ae1c94d05f7d2%2Fjpg&browser=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&ip_host=91.90.42.154&is_dni=&app_host=dni.logmycalls.com&elements=& HTTP/1.1
Host: dni.logmycalls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://balanceepigeneticorthodontics.com
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 561
Connection: keep-alive
Status: 200 OK
X-DNS-Prefetch-Control: off
Access-Control-Allow-Origin: *
Date: Fri, 23 Dec 2022 14:54:54 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Permitted-Cross-Domain-Policies: none
Expect-CT: max-age=0
X-XSS-Protection: 0
X-Download-Options: noopen
ETag: W/"231-LJLGn8DL2HFlGEDuK6ys0yZq584"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Powered-By: Phusion Passenger(R) 6.0.15
Server: nginx/1.14.0 + Phusion Passenger(R) 6.0.15
static.hotjar.com/c/hotjar-501217.js?sv=5
54.230.111.113 301 Moved Permanently 167 B URL HTTP/1.1 static.hotjar.com/c/hotjar-501217.js?sv=5
IP 54.230.111.113:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /c/hotjar-501217.js?sv=5 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 23 Dec 2022 14:54:54 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://static.hotjar.com/c/hotjar-501217.js?sv=5
X-Cache: Redirect from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: RLJnQJ2Q7sCn_hP1iNo7pzUg_z4P9OTbdsPZZcrzeT_xZrZUJtrUng==
www.google-analytics.com/analytics.js
216.58.207.206 200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 216.58.207.206:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20039
Date: Fri, 23 Dec 2022 14:23:25 GMT
Expires: Fri, 23 Dec 2022 16:23:25 GMT
Cache-Control: public, max-age=7200
Age: 1889
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c5d392f16d6f3348bd707afe72f37382
f61824a383d18b9d9da451f63ce9a4068f2d1030
bde34b0a32333f86fa6e508a7177a2d231afedbca18febbfd5a0d56dab618d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2690
Cache-Control: max-age=100237
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 14:54:54 GMT
Etag: "63a49b49-1d7"
Expires: Sat, 24 Dec 2022 18:45:31 GMT
Last-Modified: Thu, 22 Dec 2022 18:00:41 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
216.58.207.206 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.58.207.206:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 23 Dec 2022 14:41:11 GMT
expires: Fri, 23 Dec 2022 16:41:11 GMT
cache-control: public, max-age=7200
age: 823
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12 200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 8b26cd4609e2025e51e90573a0fbd6f7
efc2006ae5297ad5ae5e064188b9fba73f6b868f
e288b6a1e220f5fb781cfbb0b739b36c6acfdceccff8f0278fc151c241b0b50b
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: st1blaw+MZ2DBqWfhW9LrvnLlgJ/MiqqyMLVmn74gusiEIHm7xp0nuZ5rhXp/CqSGx3/fPQwcMj3hYSEmvkTIg==
priority: u=3,i
content-length: 27298
x-fb-trip-id: 1904183273
date: Fri, 23 Dec 2022 14:54:54 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c5d392f16d6f3348bd707afe72f37382
f61824a383d18b9d9da451f63ce9a4068f2d1030
bde34b0a32333f86fa6e508a7177a2d231afedbca18febbfd5a0d56dab618d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2690
Cache-Control: max-age=100237
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 14:54:54 GMT
Etag: "63a49b49-1d7"
Expires: Sat, 24 Dec 2022 18:45:31 GMT
Last-Modified: Thu, 22 Dec 2022 18:00:41 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19311
Expires: Fri, 23 Dec 2022 20:16:45 GMT
Date: Fri, 23 Dec 2022 14:54:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bd09861-a6e6-4462-b7cf-0572eabdfd71.jpeg
34.120.237.76 200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bd09861-a6e6-4462-b7cf-0572eabdfd71.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 61b1b9ece5581fe0b212144f45243f1a
d161c613f1491ae6ab63b536c50c6630e80d6382
f5a2b23b66a05734b86755986573c07c5f75bc6cbe67d2b769aee9ef402b2c14
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bd09861-a6e6-4462-b7cf-0572eabdfd71.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7117
x-amzn-requestid: 470b959f-7f5f-4a64-8d8d-bfc91856fad2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dUnBBFhZIAMFhiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e8539-3916bad034c86d5503e456f2;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 03:12:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UIB-d7y4AawAml6oXhsAeoIud_U-fhQzha7VwRqY9AgNaYtJ49nlzg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 05:06:41 GMT
age: 35293
etag: "d161c613f1491ae6ab63b536c50c6630e80d6382"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
balanceepigeneticorthodontics.com/favicon.ico
45.79.7.19 404 Not Found 1.2 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/favicon.ico
IP 45.79.7.19:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /favicon.ico HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Fri, 23 Dec 2022 14:54:54 GMT
server: LiteSpeed
vary: User-Agent
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F580b4499-2ffd-427f-93ed-4c39a78dd125.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F580b4499-2ffd-427f-93ed-4c39a78dd125.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ee73339f3e7eaeb4c1ecab1a24632a8
48ff42e4329102d6a006b8f947bfaf29c0a5de17
ae5787d0df124d7d95ccaaf58148bb46c931610ca908cd58787748da5b75a1c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F580b4499-2ffd-427f-93ed-4c39a78dd125.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12794
x-amzn-requestid: 82617475-f461-429b-b38d-0c84eee33754
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dk55IGPioAMFi1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a509d3-0dfc997d3853974a08914362;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 01:52:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -24dBoLhaZcF6kjZCYp8EJSAYmslMmv15G3oPgPAydPxVA0j51Vs3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 01:52:20 GMT
age: 46954
etag: "48ff42e4329102d6a006b8f947bfaf29c0a5de17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2d4cf077d410b94f1326e942304f9e9b
98fb13feecfada3cc8b467aa48d7cdf1ed8ab001
ec82cd83bfd4da849888b0535c9764cd4d462ef9e12c5934512858375908dfe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5659
x-amzn-requestid: bc225a93-868b-42d4-aa94-c8fa16ef2c64
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dk33gHUqIAMFg1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a50696-7710727f0f086a791a0e7939;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 01:38:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FGP2S7V05eAwwnHzdlYQJC9ZW-5xLD8Aqi7XBCcJtaqbVoNCocGFhw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 01:50:42 GMT
age: 47052
etag: "98fb13feecfada3cc8b467aa48d7cdf1ed8ab001"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.ai.getdeardoc.com/website/js/widget2.90b5a0ff.js
54.230.111.64 200 OK 125 kB URL HTTP/2 static.ai.getdeardoc.com/website/js/widget2.90b5a0ff.js
IP 54.230.111.64:0
Size 125 kB (124821 bytes)
Hash 72abae16c8573009c23ddd15bd927d06
df93eaa1382bc65814428a06bc44de2df49943c0
9c0113b3d5407045f09a87b35dc9ed026de13f5db94a9fdb104bce7b3a2ba0fb
GET /website/js/widget2.90b5a0ff.js HTTP/1.1
Host: static.ai.getdeardoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://balanceepigeneticorthodontics.com
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 26 Oct 2022 05:24:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Mon, 27 Sep 2021 19:16:00 GMT
etag: W/"6f94c378b397a2e5b7624a8a84aa07c6"
cache-control: max-age=31536000
x-amz-version-id: ug5rxut924nW6xl37o5nSKKsrF67pAm2
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Rf3xhc1SFQXj0CEvgtX78cHFoTrXUzTRdjpXAJOwq8TZujA3Va38UQ==
age: 5045437
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F636d561f-4cac-46b6-9b12-799eb03be3f7.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F636d561f-4cac-46b6-9b12-799eb03be3f7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5aee260508b4a6317aa74cfa263fcf0f
0268b809b07f0126ae1c707f0a72cbf2c5ee5dde
b43410a5b53d6318d13a1b6cac311beaff9aaf2b21a6d68420ec7e3291ce44b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F636d561f-4cac-46b6-9b12-799eb03be3f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8103
x-amzn-requestid: 1dec4794-e477-4587-a919-10fed7e06f73
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: degIwFtioAMFZoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a27a37-2088c1ec6c0d3158153e907b;Sampled=0
x-amzn-remapped-date: Wed, 21 Dec 2022 03:15:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mBdKNm-n2HvTeSA3FxMS7yfjJvmpTCrNNCuOlJgt1Q6y258pawKQ0A==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 08:40:52 GMT
age: 22442
etag: "0268b809b07f0126ae1c707f0a72cbf2c5ee5dde"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdce5468-cf1b-4a55-968b-1aaa101e60d6.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdce5468-cf1b-4a55-968b-1aaa101e60d6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38cc82b5e5d8c2fee6f51021e156ec81
eafb4e029313caabcdbdc1002abcab95f66e91b1
b8cad011e1a98ee4e896f00263495aab7f9cab986736a7a5b4187b8e94c46493
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdce5468-cf1b-4a55-968b-1aaa101e60d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11939
x-amzn-requestid: a00e5ab5-ad16-4576-b046-381e36456998
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dkUhqE94oAMFu5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4ce0a-28687ad51eea1f6f3ce8cc86;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uIDvI3BVK0v68x1jkgw9GB0U1i3l2kyW81q2Kiy3ZDREqQmyUTXCnQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 21:38:11 GMT
age: 62203
etag: "eafb4e029313caabcdbdc1002abcab95f66e91b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dni.logmycalls.com/save_log?0=&1=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F61abb03e09107160395ae1c94d05f7d2%2Fjpg&2=91.90.42.154&3=Firefox%2F105.0%20(10%3B%20Windows)&4=null&5=5766ce76-0406-4a03-57e7-fecf1abe9dcc&6=16317&
34.85.193.217 200 OK 22 B URL HTTP/1.1 dni.logmycalls.com/save_log?0=&1=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F61abb03e09107160395ae1c94d05f7d2%2Fjpg&2=91.90.42.154&3=Firefox%2F105.0%20(10%3B%20Windows)&4=null&5=5766ce76-0406-4a03-57e7-fecf1abe9dcc&6=16317&
IP 34.85.193.217:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JSON data\012- , ASCII text, with no line terminators
Hash dc5182f8de5d9e4b611b0b9e912d7d1d
4c356822222369794ecb568f091965fa56773a7a
749d1a31ce94aaedfe8cfab8cd178ce018c9b4399f8da079f5e3db6d03230978
GET /save_log?0=&1=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F61abb03e09107160395ae1c94d05f7d2%2Fjpg&2=91.90.42.154&3=Firefox%2F105.0%20(10%3B%20Windows)&4=null&5=5766ce76-0406-4a03-57e7-fecf1abe9dcc&6=16317& HTTP/1.1
Host: dni.logmycalls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://balanceepigeneticorthodontics.com
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 22
Connection: keep-alive
Status: 200 OK
X-DNS-Prefetch-Control: off
Access-Control-Allow-Origin: *
Date: Fri, 23 Dec 2022 14:54:54 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Permitted-Cross-Domain-Policies: none
Expect-CT: max-age=0
X-XSS-Protection: 0
X-Download-Options: noopen
ETag: W/"16-TDVoIiIjaXlOy1aPCRll+lZ3Ono"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Powered-By: Phusion Passenger(R) 6.0.15
Server: nginx/1.14.0 + Phusion Passenger(R) 6.0.15
www.facebook.com/tr/?id=265755707253993&ev=PageView&dl=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F61abb03e09107160395ae1c94d05f7d2%2Fjpg&rl=&if=false&ts=1671807293059&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=28&fbp=fb.1.1671807293058.1109128723&it=1671807292928&coo=false&rqm=GET
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=265755707253993&ev=PageView&dl=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F61abb03e09107160395ae1c94d05f7d2%2Fjpg&rl=&if=false&ts=1671807293059&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=28&fbp=fb.1.1671807293058.1109128723&it=1671807292928&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=265755707253993&ev=PageView&dl=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F61abb03e09107160395ae1c94d05f7d2%2Fjpg&rl=&if=false&ts=1671807293059&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=28&fbp=fb.1.1671807293058.1109128723&it=1671807292928&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 23 Dec 2022 14:54:54 GMT
X-Firefox-Spdy: h2
balanceepigeneticorthodontics.com/wp-json/contact-form-7/v1/contact-forms/5/refill
45.79.7.19 200 OK 6 B URL HTTP/2 balanceepigeneticorthodontics.com/wp-json/contact-form-7/v1/contact-forms/5/refill
IP 45.79.7.19:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b07a5ba9b682a99be1b186affef4c1b5
f5204461f75a489f887bc06fe3814233eda79b37
61b42daf28736e5f75372490c99c5a0601653e2935ae55c1d462d2474ed94f10
Analyzer Verdict Alert fortinet Malware
GET /wp-json/contact-form-7/v1/contact-forms/5/refill HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://balanceepigeneticorthodontics.com/
Origin: http://balanceepigeneticorthodontics.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
x-robots-tag: noindex
link: <https://balanceepigeneticorthodontics.com/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
vary: Origin,Accept-Encoding,User-Agent
etag: "2134-1671737406;br"
x-litespeed-cache: hit
content-encoding: br
content-length: 6
date: Fri, 23 Dec 2022 14:54:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 5175aea42857ac2ad88640d5fb5d409c
1297cfa582880d1acf9410fdfa8c91b2dd29641e
ee8ba8be142fa63c66a224437c0c5b7796dd5771cbe147b76187464a37763f9b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=118080
Date: Fri, 23 Dec 2022 14:54:54 GMT
Etag: "63a4e5dc-1d7"
Expires: Sat, 24 Dec 2022 23:42:54 GMT
Last-Modified: Thu, 22 Dec 2022 23:18:52 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: D_qjomKytSQEivRRYu3-eqrXLDr9Pjk1S8ZL7Q36b_BdHuAhGAGszw==
Age: 1442
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash bd4fe81e1f187198cb17427e941c0c37
95d8abeeb72941e45f1181617b07ad99e289ff13
32dbd790d87ea176d4283ede74b0e01a69f2d6511d0c5f37fd4a166e98822c30
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=169578
Date: Fri, 23 Dec 2022 14:54:54 GMT
Etag: "63a5b4a8-1d7"
Expires: Sun, 25 Dec 2022 14:01:12 GMT
Last-Modified: Fri, 23 Dec 2022 14:01:12 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xiNZEZxHJcqUPKBzHms99OaAiDt2TwOtPsfBoBaIO29fz43SCJJhuA==
botsrv.com/qb/data2/DYRAQrGYeKbW05dx/MqLdPEng2Kb6RWpJ?qbReferer=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F61abb03e09107160395ae1c94d05f7d2%2Fjpg&qbVersion=1671807293192
54.246.43.32 200 OK 19 kB URL HTTP/2 botsrv.com/qb/data2/DYRAQrGYeKbW05dx/MqLdPEng2Kb6RWpJ?qbReferer=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F61abb03e09107160395ae1c94d05f7d2%2Fjpg&qbVersion=1671807293192
IP 54.246.43.32:0
Hash 4a4bf1db93c9ec4a856626783e4e03e4
a1733295a87e4faaca8cb04f120a72a68df7c745
9fb4fe5687c5d9d2de3434e17de692f4adc6867db3a97d893b44e2288c4c1734
GET /qb/data2/DYRAQrGYeKbW05dx/MqLdPEng2Kb6RWpJ?qbReferer=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F61abb03e09107160395ae1c94d05f7d2%2Fjpg&qbVersion=1671807293192 HTTP/1.1
Host: botsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://balanceepigeneticorthodontics.com
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 14:54:54 GMT
content-type: application/json; charset=utf-8
server: nginx
vary: Accept-Encoding
access-control-allow-origin: http://balanceepigeneticorthodontics.com
access-control-allow-credentials: true
content-security-policy: default-src * blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *; frame-src *; style-src 'self' 'unsafe-inline' * blob:; frame-ancestors *
x-dns-prefetch-control: off
strict-transport-security: max-age=63072000; preload
x-download-options: noopen
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
x-xss-protection: 1; mode=block
set-cookie: qb.A={"balanceepigeneticorthodontics.com.MqLdPEng2Kb6RWpJ":{"visit_count":1}}; path=/; expires=Mon, 23 Dec 2024 14:54:54 GMT; samesite=none; secure; httponly
qb.A.sig=OtDlgWHmKG2_VrEQMXMSzncJ9nA; path=/; expires=Mon, 23 Dec 2024 14:54:54 GMT; samesite=none; secure; httponly
cache-control: max-age=31536000
expires: Sat, 23 Dec 2023 14:54:54 GMT
last-modified: Fri, 23 Dec 2022 14:54:54 GMT
x-cached: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
media.botsrv2.com/control/img/400x300/93/c1e19f76f943049d5f9db92530cb0a/blob.png
143.204.55.97 200 OK 156 kB URL HTTP/2 media.botsrv2.com/control/img/400x300/93/c1e19f76f943049d5f9db92530cb0a/blob.png
IP 143.204.55.97:0
File type PNG image data, 338 x 300, 8-bit/color RGB, non-interlaced\012- data
Size 156 kB (155774 bytes)
Hash 13c7cdeb96445af9b21fc3d563810a5b
d78422f990e423c74a4b99634da60a94e7a57c20
260c89db1e7e6cf195b1ae2b70aee96f09c9639bd824db1ae7d7369f75dac7fc
GET /control/img/400x300/93/c1e19f76f943049d5f9db92530cb0a/blob.png HTTP/1.1
Host: media.botsrv2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 155774
date: Mon, 12 Dec 2022 16:52:54 GMT
last-modified: Tue, 12 Jan 2021 15:17:39 GMT
etag: "13c7cdeb96445af9b21fc3d563810a5b"
cache-control: max-age=31536000
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FCvcZKAK4f8elQFmORkAn4fCPZkoVHwNX3MCYkNOva1K1L33qGaxrw==
age: 943322
vary: Access-Control-Request-Headers,Access-Control-Request-Method, Origin
X-Firefox-Spdy: h2
api.equally.ai/api/v1/widget/config?apiKey=JNkC0qJSyZAu6y6gpHac&userID=9e4947f35751465411fd1a4f5c358c78
50.16.159.228 204 No Content 0 B URL HTTP/2 api.equally.ai/api/v1/widget/config?apiKey=JNkC0qJSyZAu6y6gpHac&userID=9e4947f35751465411fd1a4f5c358c78
IP 50.16.159.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v1/widget/config?apiKey=JNkC0qJSyZAu6y6gpHac&userID=9e4947f35751465411fd1a4f5c358c78 HTTP/1.1
Host: api.equally.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-referer
Referer: http://balanceepigeneticorthodontics.com/
Origin: http://balanceepigeneticorthodontics.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 23 Dec 2022 14:54:57 GMT
server: nginx
apigw-requestid: dmsiOi1goAMEaBA=
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: *
access-control-max-age: 0
X-Firefox-Spdy: h2
api.equally.ai/api/v1/widget/config?apiKey=JNkC0qJSyZAu6y6gpHac&userID=9e4947f35751465411fd1a4f5c358c78
50.16.159.228 200 OK 997 B URL HTTP/2 api.equally.ai/api/v1/widget/config?apiKey=JNkC0qJSyZAu6y6gpHac&userID=9e4947f35751465411fd1a4f5c358c78
IP 50.16.159.228:0
File type JSON data\012- , ASCII text, with very long lines (997), with no line terminators
Hash fbbc51aa4f3325fff9b515b18c61c80c
ceb9fd6079a9b1503b42311ce457133f7569397f
4563fb357a5654ffdedbac31b280ac012b82dec6930caf9b1cd80a8fe6adc5d2
GET /api/v1/widget/config?apiKey=JNkC0qJSyZAu6y6gpHac&userID=9e4947f35751465411fd1a4f5c358c78 HTTP/1.1
Host: api.equally.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/61abb03e09107160395ae1c94d05f7d2/jpg
Origin: http://balanceepigeneticorthodontics.com
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 14:54:57 GMT
content-type: application/json
content-length: 997
server: nginx
apigw-requestid: dmsiPhb8oAMEaRw=
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash a706e18a200067a6e2d20bebdb7fcdae
e64ce67329ed29aac14296b9186821e06743f4d6
d3305b66c7e0fbd4a155b88424d9994d8e3c6f11ef9d39fefa5a8f307b2bba40
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 23 Dec 2022 14:54:57 GMT
Last-Modified: Fri, 23 Dec 2022 13:22:06 GMT
Server: ECS (bsa/EB22)
X-Cache: Miss from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8XoDtGtsvatR_LEDWz94LHaTWpFYftmU0_pwZ4NDLJyfeqfasSEPBA==
Age: 5571
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash a706e18a200067a6e2d20bebdb7fcdae
e64ce67329ed29aac14296b9186821e06743f4d6
d3305b66c7e0fbd4a155b88424d9994d8e3c6f11ef9d39fefa5a8f307b2bba40
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=88015
Date: Fri, 23 Dec 2022 14:54:57 GMT
Etag: "63a4604f-1d7"
Expires: Sat, 24 Dec 2022 15:21:52 GMT
Last-Modified: Thu, 22 Dec 2022 13:49:03 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4Oxvcmnv6u9CzhK1c-NphpUXjqt0LfkYJnwNOeu4O4P9FPAzTeOkug==
Age: 5569
dni.logmycalls.com/update_session_last_used?dni_id=5766ce76-0406-4a03-57e7-fecf1abe9dcc&number_to_display=&host=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F61abb03e09107160395ae1c94d05f7d2%2Fjpg&client_id=1664834280.1671807293&custom_parameter=&
34.85.193.217 200 OK 20 B URL HTTP/1.1 dni.logmycalls.com/update_session_last_used?dni_id=5766ce76-0406-4a03-57e7-fecf1abe9dcc&number_to_display=&host=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F61abb03e09107160395ae1c94d05f7d2%2Fjpg&client_id=1664834280.1671807293&custom_parameter=&
IP 34.85.193.217:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JSON data\012- , ASCII text, with no line terminators
Hash 5820854f62a6eb3d38ba7ba0d1b3ea75
639df0b84fe699b4a290a713fd6b9a94bd4deb95
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
GET /update_session_last_used?dni_id=5766ce76-0406-4a03-57e7-fecf1abe9dcc&number_to_display=&host=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F61abb03e09107160395ae1c94d05f7d2%2Fjpg&client_id=1664834280.1671807293&custom_parameter=& HTTP/1.1
Host: dni.logmycalls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://balanceepigeneticorthodontics.com
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 20
Connection: keep-alive
Status: 200 OK
X-DNS-Prefetch-Control: off
Access-Control-Allow-Origin: *
Date: Fri, 23 Dec 2022 14:54:57 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Permitted-Cross-Domain-Policies: none
Expect-CT: max-age=0
X-XSS-Protection: 0
X-Download-Options: noopen
ETag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Powered-By: Phusion Passenger(R) 6.0.15
Server: nginx/1.14.0 + Phusion Passenger(R) 6.0.15
equally-ai-widget-v2.s3.amazonaws.com/locales/en.json
52.217.110.68 200 OK 10 kB URL HTTP/1.1 equally-ai-widget-v2.s3.amazonaws.com/locales/en.json
IP 52.217.110.68:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (637)
Hash affefbd206d7a4b7c2c7d64c2e6382a3
bfdfe8e1a622fe23bb87fb57e9a2d67180edec81
e3f7975e961e53ea2b174b636928745560dfbb6ff5819b74350a83623c2d2609
GET /locales/en.json HTTP/1.1
Host: equally-ai-widget-v2.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://balanceepigeneticorthodontics.com/
Origin: http://balanceepigeneticorthodontics.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: S8+TdlcL4dcFudePvIogOEIPmfufbEYcnfp5wwjqdmJ/g0TlugOEmV0VRIDUqm3HotK5tYg1E/Y=
x-amz-request-id: 34JKKSHP5YWSMKRY
Date: Fri, 23 Dec 2022 14:54:58 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Last-Modified: Thu, 22 Dec 2022 15:05:28 GMT
ETag: "affefbd206d7a4b7c2c7d64c2e6382a3"
Accept-Ranges: bytes
Content-Type: application/json
Server: AmazonS3
Content-Length: 10469
equally-ai-widget-v2.s3.amazonaws.com/fonts/OpenDyslexic-Regular.otf
52.217.110.68 200 OK 218 kB URL HTTP/1.1 equally-ai-widget-v2.s3.amazonaws.com/fonts/OpenDyslexic-Regular.otf
IP 52.217.110.68:0
File type OpenType font data\012- data
Size 218 kB (218076 bytes)
Hash a8330e9d483bfacd2e974f09e19a0b52
680295c21472d666f5603ab41a88f0061a012769
dd11c8008b7eab2ea917b46defaea238cddfb05bff238f92b52eccd072401c29
GET /fonts/OpenDyslexic-Regular.otf HTTP/1.1
Host: equally-ai-widget-v2.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://balanceepigeneticorthodontics.com
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: PWemd9FdG5esyp6ZgJgxU4FNLSNHlL4y44idu0RgDkJ+zQd+0ehUrI4L6cOFJzggAWzl9ffPxMA=
x-amz-request-id: 34JQYCRCX1J5B3BQ
Date: Fri, 23 Dec 2022 14:54:58 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Last-Modified: Thu, 22 Dec 2022 15:05:28 GMT
ETag: "a8330e9d483bfacd2e974f09e19a0b52"
Accept-Ranges: bytes
Content-Type: font/ttf
Server: AmazonS3
Content-Length: 218076
equally-ai-widget-v2.s3.amazonaws.com/equallyai-widget.css
54.231.232.89 200 OK 32 kB URL HTTP/1.1 equally-ai-widget-v2.s3.amazonaws.com/equallyai-widget.css
IP 54.231.232.89:0
File type ASCII text, with very long lines (31794)
Hash 30688985e4c7e333e0d0b7c1119a0aa9
8d7a5fbcb01ea4f0366025d941b342c5ec71b072
3e35f5a72d84d44c4771bfc1c4b2f196e0563f318390440e419f843beb697fa8
GET /equallyai-widget.css HTTP/1.1
Host: equally-ai-widget-v2.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: FdSo/yVLOeCCEBVg2BCoXEOkdVX34kXKerk1iHTkYWLE/VGrogJf1HKjuIuzogyXkqdKZ595QIc=
x-amz-request-id: 123J67MV179SN2H1
Date: Fri, 23 Dec 2022 14:54:59 GMT
Last-Modified: Thu, 22 Dec 2022 15:05:28 GMT
ETag: "30688985e4c7e333e0d0b7c1119a0aa9"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 31795
equally-ai-widget-v2.s3.amazonaws.com/flags/ro.svg
54.231.232.89 200 OK 178 B URL HTTP/1.1 equally-ai-widget-v2.s3.amazonaws.com/flags/ro.svg
IP 54.231.232.89:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash a9e8cdfefb0cb78dfe786276f500656a
e51d10f2076a27aadd90e0b721db1cc27d16fcac
ea3e3c17cfd414a403313ddc73a62a264cbc205d962214e272321566e0d78ce8
GET /flags/ro.svg HTTP/1.1
Host: equally-ai-widget-v2.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Bc7IN/MEL6FK3MavOnJWlK16/RE4XErHJtOiItwlwJervlbwWTUgtmazr08xa6sHivxCvoTtUNI=
x-amz-request-id: 123K6SSB0YPPPXA6
Date: Fri, 23 Dec 2022 14:54:59 GMT
Last-Modified: Thu, 22 Dec 2022 15:05:28 GMT
ETag: "a9e8cdfefb0cb78dfe786276f500656a"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 178
equally-ai-widget-v2.s3.amazonaws.com/flags/lt.svg
52.216.113.19 200 OK 178 B URL HTTP/1.1 equally-ai-widget-v2.s3.amazonaws.com/flags/lt.svg
IP 52.216.113.19:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 60ce52ef375f0a7bf84149719ad6a8e2
3d701e7b8bfe1efd9007a8923a5840b8980f156e
429d40e370103a47cb2fa03e143136308ce0ad387fc05acfff349d40406440a2
GET /flags/lt.svg HTTP/1.1
Host: equally-ai-widget-v2.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: dOuhwk1mWPTC083sar3OY/R4ovP5osdGvuxAoqY7B76EZYzC7MpFZAykW2WdZKkxG/U8De60Uck=
x-amz-request-id: 123N66RQ3RGFHGPV
Date: Fri, 23 Dec 2022 14:54:59 GMT
Last-Modified: Thu, 22 Dec 2022 15:05:28 GMT
ETag: "60ce52ef375f0a7bf84149719ad6a8e2"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 178
equally-ai-widget-v2.s3.amazonaws.com/flags/fi.svg
52.216.113.19 200 OK 233 B URL HTTP/1.1 equally-ai-widget-v2.s3.amazonaws.com/flags/fi.svg
IP 52.216.113.19:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 079f4bcbd1f4a3a2ac55d1071961eaa4
ee9e44f99bf66d57a6a7bab4bde5ca93db308498
2f57f5b4ec3968d3127d25c1ba8973b593df0bfa8171a12d7c9f399a038ca071
GET /flags/fi.svg HTTP/1.1
Host: equally-ai-widget-v2.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 4Mq87GAVZcxu52fV6jbu9NmQ5F9i17QJKKHiDw7zmfT93s4FNvk3rwm9wXqhhp+kND6kixFAoa8=
x-amz-request-id: 123R6WGN83YS48P4
Date: Fri, 23 Dec 2022 14:54:59 GMT
Last-Modified: Thu, 22 Dec 2022 15:05:28 GMT
ETag: "079f4bcbd1f4a3a2ac55d1071961eaa4"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 233
equally-ai-widget-v2.s3.amazonaws.com/flags/dk.svg
54.231.168.41 200 OK 222 B URL HTTP/1.1 equally-ai-widget-v2.s3.amazonaws.com/flags/dk.svg
IP 54.231.168.41:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash c0cd63470ccdd66eb1b70437c4897d2e
a2e2f30ae670e0c6d157c984c00cb5012a31c3a6
dc4827058fb343b6fa6383fb5e3471f4ab744a82d0f6ec9d895e8ce5d2a969ff
GET /flags/dk.svg HTTP/1.1
Host: equally-ai-widget-v2.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: iC7XJ+d/V59Zog20fn5Cev+lepcJkd9LUucCaQy81bwLdleZGeydTqgdY76+lWMXiEromK20iss=
x-amz-request-id: 123TZ7EKXRW8XJV6
Date: Fri, 23 Dec 2022 14:54:59 GMT
Last-Modified: Thu, 22 Dec 2022 15:05:28 GMT
ETag: "c0cd63470ccdd66eb1b70437c4897d2e"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 222
equally-ai-widget-v2.s3.amazonaws.com/flags/gr.svg
52.216.113.19 200 OK 206 B URL HTTP/1.1 equally-ai-widget-v2.s3.amazonaws.com/flags/gr.svg
IP 52.216.113.19:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash abd7d677957e863655f6bc059dbaebfb
8669a88fe4ce928c9beb91f1f076cb09b2ae829b
86cce2a11b19e83087b4ea15be2c293563f8dc90df958488174c2194e2adac07
GET /flags/gr.svg HTTP/1.1
Host: equally-ai-widget-v2.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Bq6O0ll7Iu5aqFT1aIEsiNpAI0TWjEWK6YqtKgs3k8ql3AcKgbmq8vS+E3F/WIQN1fXkM54HN2g=
x-amz-request-id: 123JANKQKYG7SG7F
Date: Fri, 23 Dec 2022 14:54:59 GMT
Last-Modified: Thu, 22 Dec 2022 15:05:28 GMT
ETag: "abd7d677957e863655f6bc059dbaebfb"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 206
equally-ai-widget-v2.s3.amazonaws.com/flags/se.svg
52.216.113.19 200 OK 216 B URL HTTP/1.1 equally-ai-widget-v2.s3.amazonaws.com/flags/se.svg
IP 52.216.113.19:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 1f642770ccba1a8f5948ac69923c15ba
2ccce0709119188a1cc30358bcf197415c812abd
1d7c3fc0594c8fb856d9fd0a13a752dfaf8643c8b073582909c88be24e7e416f
GET /flags/se.svg HTTP/1.1
Host: equally-ai-widget-v2.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: riyiWTFX1iJOKbopEVh2zjDoQId/5oIEOHfNYvAxhG9USTYAqIn9kNQXn47sg/JPJ56QCJaxuW8=
x-amz-request-id: 123KSY1WMJG5P80R
Date: Fri, 23 Dec 2022 14:54:59 GMT
Last-Modified: Thu, 22 Dec 2022 15:05:28 GMT
ETag: "1f642770ccba1a8f5948ac69923c15ba"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 216
equally-ai-widget-v2.s3.amazonaws.com/flags/lv.svg
52.216.113.19 200 OK 138 B URL HTTP/1.1 equally-ai-widget-v2.s3.amazonaws.com/flags/lv.svg
IP 52.216.113.19:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 12cebcfb5d166f7cd2b6a3fb48c0924d
388674b2cf8c8c65742d9dfbf128aaeef6bb87e6
442240b6d0d4290a8a5bf289beae6d52665dc71f7cb529034682c8fdcf313bb1
GET /flags/lv.svg HTTP/1.1
Host: equally-ai-widget-v2.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 5DL8GcA3rZLpxWKCk0A5Lq8jVKmvROiS8R0gNhijK66IqAY2fn2TKBPVrH08CqRme5oEvitMl1A=
x-amz-request-id: 123T3WA2E3AKDZCQ
Date: Fri, 23 Dec 2022 14:54:59 GMT
Last-Modified: Thu, 22 Dec 2022 15:05:28 GMT
ETag: "12cebcfb5d166f7cd2b6a3fb48c0924d"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 138
static.ai.getdeardoc.com/website/js/widget2.d8d5abfb.min.js
54.230.111.64 200 OK 45 kB URL HTTP/2 static.ai.getdeardoc.com/website/js/widget2.d8d5abfb.min.js
IP 54.230.111.64:0
Hash 483241ab8801916c38a82492440f2437
96e4874bbf05efdfaa92773d435f36f6cb197564
633242feef7d98835cc1b41ceaa80e63eb406e417379964cd68ad0158a432976
GET /website/js/widget2.d8d5abfb.min.js HTTP/1.1
Host: static.ai.getdeardoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://balanceepigeneticorthodontics.com
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 19 Dec 2022 18:54:46 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Mon, 19 Dec 2022 18:27:46 GMT
etag: W/"1d9896a7cf8d9e604754586813930fe5"
cache-control: max-age=31536000
x-amz-version-id: WQSmeNppbdk44AFdei9L73ATk8psNzfQ
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ldx2koI4fdbdSKrrsYzE0nSRMdKlo5Qst7BxdhMSm4RBgbP2B9YfFg==
age: 331209
X-Firefox-Spdy: h2
equally-ai-widget-v2.s3.amazonaws.com/flags/pt.svg
54.231.168.41 200 OK 12 kB URL HTTP/1.1 equally-ai-widget-v2.s3.amazonaws.com/flags/pt.svg
IP 54.231.168.41:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (11565), with no line terminators
Hash 3db75d5500aac310ba9be72fe78c09a0
363bdf21f0639f50650c84ee00328cdaf9808744
42f2a22d45c6f2d8ba1ebc17ed8b417762baeed4f314c68deb39d8534b8f8ab0
GET /flags/pt.svg HTTP/1.1
Host: equally-ai-widget-v2.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: l+KiXel/zyLt4rAeTGCUnJIZw0gUR9iCtA/xa/kR9AF5/LCA2HEz3pyA5SLvUoC5Kp14JOHbH7c=
x-amz-request-id: 123SPV6STE7FZYJC
Date: Fri, 23 Dec 2022 14:54:59 GMT
Last-Modified: Thu, 22 Dec 2022 15:05:28 GMT
ETag: "3db75d5500aac310ba9be72fe78c09a0"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 11565
equally-ai-widget-v2.s3.amazonaws.com/flags/de.svg
52.216.113.19 200 OK 411 B URL HTTP/1.1 equally-ai-widget-v2.s3.amazonaws.com/flags/de.svg
IP 52.216.113.19:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 53d375e4d05c0f07c61381c149666a95
fe93497d92cd71f190aed01f6571d7efee86a27b
22c3fd46dc28317aef90042c0753148aa68707737146640e11165d6df6c02178
GET /flags/de.svg HTTP/1.1
Host: equally-ai-widget-v2.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: f293BDtH4GDOg6OZEAyFth2GdHHf49v1/mpmBnE8HM8vNSx0OPiw8BeMpY8eksLxUDFoP0icqC4=
x-amz-request-id: 123MRJ5J7Z97FV0H
Date: Fri, 23 Dec 2022 14:54:59 GMT
Last-Modified: Thu, 22 Dec 2022 15:05:28 GMT
ETag: "53d375e4d05c0f07c61381c149666a95"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 411
equally-ai-widget-v2.s3.amazonaws.com/flags/nl.svg
52.216.113.19 200 OK 175 B URL HTTP/1.1 equally-ai-widget-v2.s3.amazonaws.com/flags/nl.svg
IP 52.216.113.19:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 5f6ef944bbde5608a5cfd566abc3a61a
a0f3eb8677eafc4ecb91a3d9bfcf9a6f7e93698f
0d04d9eadc49c5514881c1c3f7c465a10a37ead378bc5e61cf96fdfcb3599e54
GET /flags/nl.svg HTTP/1.1
Host: equally-ai-widget-v2.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: IZhNCTEFEGG93Pl8gtQl/6z40wBnUAYkRb9Rcl3GkBDz4WeNz3KoGvWHI4az+3gEuGgpfMt4zGY=
x-amz-request-id: 123VBZQR9M6VEFVK
Date: Fri, 23 Dec 2022 14:54:59 GMT
Last-Modified: Thu, 22 Dec 2022 15:05:28 GMT
ETag: "5f6ef944bbde5608a5cfd566abc3a61a"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 175
equally-ai-widget-v2.s3.amazonaws.com/flags/ru.svg
54.231.232.89 200 OK 232 B URL HTTP/1.1 equally-ai-widget-v2.s3.amazonaws.com/flags/ru.svg
IP 54.231.232.89:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 8c35008bdd453eb7092e5589433ee345
b3c858cef676e243cf366f8916e251460c3bcd42
a8b719965d947ab374c07d0da488c475e73334fc9ca9f2c970f0c176ea609f0c
GET /flags/ru.svg HTTP/1.1
Host: equally-ai-widget-v2.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: //IO664uAlsgEsFYySyjql7GFqrK8aglXzJ63aE0Be1/9o1UccxbBq/wnFcuiMtvi+Q73T7KQF0=
x-amz-request-id: 123H6KTT60RT4XJE
Date: Fri, 23 Dec 2022 14:54:59 GMT
Last-Modified: Thu, 22 Dec 2022 15:05:28 GMT
ETag: "8c35008bdd453eb7092e5589433ee345"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 232
equally-ai-widget-v2.s3.amazonaws.com/flags/it.svg
54.231.168.41 200 OK 202 B URL HTTP/1.1 equally-ai-widget-v2.s3.amazonaws.com/flags/it.svg
IP 54.231.168.41:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 4f6374bbba141514028cfee25e6b8b50
ac86e2c7427a7dbf76f4d0816bb32576797cdc24
985a85728ad37064b2b77bf64f50abedc823aee1f9f85918aa1adbb54e6af176
GET /flags/it.svg HTTP/1.1
Host: equally-ai-widget-v2.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: OpuFe2q7FfGBEhVEeYHwQu78kdc/BK3vJDSL9MnOh0HXpoFqGdsjG6MKytruXQB9zIx1j2BOuwQ=
x-amz-request-id: 123TAZ5A3H63FND5
Date: Fri, 23 Dec 2022 14:54:59 GMT
Last-Modified: Thu, 22 Dec 2022 15:05:28 GMT
ETag: "4f6374bbba141514028cfee25e6b8b50"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 202
equally-ai-widget-v2.s3.amazonaws.com/flags/fr.svg
52.216.113.19 200 OK 468 B URL HTTP/1.1 equally-ai-widget-v2.s3.amazonaws.com/flags/fr.svg
IP 52.216.113.19:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash aba229ec8b9399af14875fba8715b4e5
ce43ebeffe1999665551114dabf3b266103167a6
e3d85ea6dbd284d131f55a919eccaf1eb6bc6b8b57804859ee984bc57bb931a1
GET /flags/fr.svg HTTP/1.1
Host: equally-ai-widget-v2.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: av9zwzWsGrSQ55p/LhfH/dnI6sHYbQ3FaySfKssJv8bLWanNpwqE0MCxk6CPZ8wA5lFEo2wE280=
x-amz-request-id: 123XHH5TV3S4QNRK
Date: Fri, 23 Dec 2022 14:54:59 GMT
Last-Modified: Thu, 22 Dec 2022 15:05:28 GMT
ETag: "aba229ec8b9399af14875fba8715b4e5"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 468
equally-ai-widget-v2.s3.amazonaws.com/flags/hr.svg
52.216.113.19 200 OK 68 kB URL HTTP/1.1 equally-ai-widget-v2.s3.amazonaws.com/flags/hr.svg
IP 52.216.113.19:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Hash f4e06f4da88eab5e630a6263b8f5ebdf
6634852359c36d861e779da12353990318fecbe6
ecd619e1013f1de98ab10d4693d8d17ff1924494c099aaef02b0700636b51339
GET /flags/hr.svg HTTP/1.1
Host: equally-ai-widget-v2.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: l+rqtyfsHiTcFzs6GvjRuT2V98LNk6QuGZFd9EkvzvLjkL2j+VMqlQg9LeaWPh9nup+NGIJl3XQ=
x-amz-request-id: 123Q676BP43MGRDG
Date: Fri, 23 Dec 2022 14:54:59 GMT
Last-Modified: Thu, 22 Dec 2022 15:05:28 GMT
ETag: "f4e06f4da88eab5e630a6263b8f5ebdf"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 68044
equally-ai-widget-v2.s3.amazonaws.com/flags/cz.svg
52.216.113.19 200 OK 212 B URL HTTP/1.1 equally-ai-widget-v2.s3.amazonaws.com/flags/cz.svg
IP 52.216.113.19:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 047e732decd62b9d3ce350a2cd8f4de6
6fc63acef22f0cadbc7b7474bbed135e8af7b423
a71bcb7e97223bdca2ff6105c4e261e96eaed1009d6326c404abe20011ed7dad
GET /flags/cz.svg HTTP/1.1
Host: equally-ai-widget-v2.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: TqHYe2cb5AlGT/K51YJiaQqbaz4tbdmuCFI6T7f4D5zRm+brZlchXOv4ZCnUEfKXh6XYjr5wn7s=
x-amz-request-id: 123X4N803DKVRZ2Y
Date: Fri, 23 Dec 2022 14:54:59 GMT
Last-Modified: Thu, 22 Dec 2022 15:05:28 GMT
ETag: "047e732decd62b9d3ce350a2cd8f4de6"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 212
equally-ai-widget-v2.s3.amazonaws.com/flags/he.svg
54.231.232.89 200 OK 856 B URL HTTP/1.1 equally-ai-widget-v2.s3.amazonaws.com/flags/he.svg
IP 54.231.232.89:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (856), with no line terminators
Hash 39aa6f7e5890377271d5434c4f76386b
511bbb911363237a31e85e4b941485e00fb24b41
0d86756671757b1622e49e7b1405334d749dc18b0377b422fa0b8a0c493d9dc6
GET /flags/he.svg HTTP/1.1
Host: equally-ai-widget-v2.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: RCxPjow8i0R83ASVHnzwfdiTu/zUjNX9kZke7tHUjZbjRc3XvBSpIuVLARY66/noceKfRKLPmwk=
x-amz-request-id: 123ZD5C4VNJ53SQC
Date: Fri, 23 Dec 2022 14:54:59 GMT
Last-Modified: Thu, 22 Dec 2022 15:05:28 GMT
ETag: "39aa6f7e5890377271d5434c4f76386b"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 856
equally-ai-widget-v2.s3.amazonaws.com/flags/bg.svg
54.231.168.41 200 OK 294 B URL HTTP/1.1 equally-ai-widget-v2.s3.amazonaws.com/flags/bg.svg
IP 54.231.168.41:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash d35abad4c97cd9e2b3cc342cb745d11d
8022a50219f5a4c3dde77f3def5b4fed3ca0b8f5
3beaf2aa05abc754a560f723315ba58156356abc654d952382c6e6bb60cfb7f2
GET /flags/bg.svg HTTP/1.1
Host: equally-ai-widget-v2.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: pgjMLh6gvh/R5Lnvd3h8gYXwRguRjww67euWjYYNneEL71H+gnpYvsYR1NTzLvPUdcaLPnVvU1A=
x-amz-request-id: 123H2DYRSK1CCJS3
Date: Fri, 23 Dec 2022 14:54:59 GMT
Last-Modified: Thu, 22 Dec 2022 15:05:28 GMT
ETag: "d35abad4c97cd9e2b3cc342cb745d11d"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 294
equally-ai-widget-v2.s3.amazonaws.com/flags/pl.svg
52.216.113.19 200 OK 142 B URL HTTP/1.1 equally-ai-widget-v2.s3.amazonaws.com/flags/pl.svg
IP 52.216.113.19:0
File type SVG Scalable Vector Graphics image, ASCII text, with no line terminators
Hash e2afe0f6676f52f2142f71e9b3570e81
7536c4c02b73935018aeb09785a46798a5577831
608e5ed6a0820b02ac00e5ee7457a9822b5e5c1be9cba69d17c5a3e9ca4a4377
GET /flags/pl.svg HTTP/1.1
Host: equally-ai-widget-v2.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: +l2yXxVJ5addRdxYJkT5pF1cHZU7xRWKIBwloD29KMy4TqPgOYr7QcxTy4wS4dOL/sTRMaLGnT0=
x-amz-request-id: 123H2Y07MD8ZXZAF
Date: Fri, 23 Dec 2022 14:54:59 GMT
Last-Modified: Thu, 22 Dec 2022 15:05:28 GMT
ETag: "e2afe0f6676f52f2142f71e9b3570e81"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 142
equally-ai-widget-v2.s3.amazonaws.com/flags/es.svg
52.216.113.19 200 OK 151 kB URL HTTP/1.1 equally-ai-widget-v2.s3.amazonaws.com/flags/es.svg
IP 52.216.113.19:0
File type SVG Scalable Vector Graphics image, ASCII text, with very long lines (4288)
Size 151 kB (151073 bytes)
Hash ce15a45bbe7193fd267a2b79f695f851
209e07c7ad0d1ff3c4acc7fdd96abcb34ef68355
f8b2beb661f2060ad9acfc574d17fb9b51d984c3ec4559defc2360a1192ba667
GET /flags/es.svg HTTP/1.1
Host: equally-ai-widget-v2.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: l8FwUsPk89Urf98LGxT6qQynPYF0pMaJwEa52DzgFp1i5/UzfvzfOtDWiMtDkkfpeGJD10lKz2E=
x-amz-request-id: 123H2PEQ0TVV09QJ
Date: Fri, 23 Dec 2022 14:54:59 GMT
Last-Modified: Thu, 22 Dec 2022 15:05:28 GMT
ETag: "ce15a45bbe7193fd267a2b79f695f851"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 151073
static.botsrv2.com/website/css/widget.ddbdd5c6.min.css
143.204.55.101 200 OK 0 B URL HTTP/2 static.botsrv2.com/website/css/widget.ddbdd5c6.min.css
IP 143.204.55.101:0
GET /website/css/widget.ddbdd5c6.min.css HTTP/1.1
Host: static.botsrv2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://balanceepigeneticorthodontics.com
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
date: Tue, 30 Aug 2022 03:00:46 GMT
last-modified: Tue, 30 Aug 2022 00:45:56 GMT
etag: W/"3f84d0378ee533c011943bd04e319353"
cache-control: max-age=31536000
x-amz-version-id: CBXehOl5t3E8ep8qJ0UE_2YFcC00dGi0
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AJiaIgoG-Fk0Hhrj6j40tPkOXwVcQsgqpNXkwNNTNGVkZOCWeIf6cA==
age: 9978848
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-501217.js?sv=5
54.230.111.113 200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-501217.js?sv=5
IP 54.230.111.113:0
GET /c/hotjar-501217.js?sv=5 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://balanceepigeneticorthodontics.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Fri, 23 Dec 2022 14:54:54 GMT
cache-control: max-age=60
etag: W/399d6c5932d4e9ea4fe047102c694c46
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: M5mSf-v4QQjx2pmzrpMsTZZNnMl6CmOMmtDCNyi19YlTQ6u6C0lD5A==
X-Firefox-Spdy: h2
widget.equally.ai/equally-widget.min.js
54.230.111.42 200 OK 0 B URL HTTP/2 widget.equally.ai/equally-widget.min.js
IP 54.230.111.42:0
GET /equally-widget.min.js HTTP/1.1
Host: widget.equally.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 22 Dec 2022 15:20:10 GMT
server: AmazonS3
content-encoding: gzip
date: Fri, 23 Dec 2022 14:54:55 GMT
etag: W/"8c090a67d52b9f65fe8853e935b6b4ca"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: y2qM4T34SwP_Y386HAWwuu35gzMxrgGyOjfllXFxhal8WFct9Immrg==
X-Firefox-Spdy: h2