restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
93.95.216.126 301 Moved Permanently 308 B URL HTTP/1.1 restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 347491a6a1ff59de44a0b8c72cff9ff6
a2333499828c269c521c1b268236d0912cf23815
ca0636875bddb8f1d9ec49166de5c1c62941fca60223a4ee2873c6021ac10d9a
Analyzer Verdict Alert fortinet Phishing
GET /de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/ HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 10 Sep 2022 19:46:47 GMT
Server: Apache
Location: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cache-Control: max-age=172800
Expires: Mon, 12 Sep 2022 19:46:47 GMT
Content-Length: 308
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15893
Expires: Sun, 11 Sep 2022 00:11:40 GMT
Date: Sat, 10 Sep 2022 19:46:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 10 Sep 2022 19:06:50 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Zc2f5YcBtAVqFz1E9oq5HHTCH_oID1LTFPWXgl6MSGOvqXgoY1BELg==
Age: 2397
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 10 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9jnbYkvzwXuuELQWMdiltiF-sL5qDQtOcnkeW1xsHN2K9EUUvASFEg==
age: 44975
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 19:46:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe7003928a0537235302630af470f2f6
9c9eaef5aeeae0334aef3c9aaba64d1cfb29258d
90efef0dc263bb4c0646d83ae7f922516cf8f702224865a0423281fcc2975b3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "90EFEF0DC263BB4C0646D83AE7F922516CF8F702224865A0423281FCC2975B3C"
Last-Modified: Thu, 08 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21556
Expires: Sun, 11 Sep 2022 01:46:03 GMT
Date: Sat, 10 Sep 2022 19:46:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 10 Sep 2022 18:56:07 GMT
Cache-Control: max-age=3600
Expires: Sat, 10 Sep 2022 19:10:55 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7VqaWyaJLb9Flg0VxyZptQNuw-yMKd8ldEj3NKWeoVPnmGcrzzGNDw==
Age: 3040
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 36fe04277220227ba5ecfe7d2ff1d9d9
2eb9f6560336248cc45c1cd66d87505b5ebdf5d4
94f8f2f8f3b67db18825ea48740ff0ce218d7156fe851d6b023ef43b6bee4f7f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6021
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 19:46:47 GMT
Last-Modified: Sat, 10 Sep 2022 18:06:26 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.148.17.90 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.17.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IfAZzmswrm0Hw/LbPJDv4g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NLh1ywkNr/3pfuEnYwZ1DuR3epk=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 65deebab57142db522e6c874673bdd9f
bfd022181afaec5035f868ccd05fac58113f81dc
7470143c8bd79f00190a3766ebaa9c632d0aa47693fc4c146f097873865da327
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 19:46:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
restyle.freesmile.com/wp-includes/css/dist/block-library/style.min.css
93.95.216.126 200 OK 7.8 kB URL HTTP/2 restyle.freesmile.com/wp-includes/css/dist/block-library/style.min.css
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with very long lines (27525)
Hash a3dd1c0cc400319c405dfb62dc6eba57
0f1baa39908b0bc5a6ab8e82e7a51d2a49021019
153da274f7b797b304dffe7762875bc10694ed11975d1ee06e44fa12060df783
GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 22 Feb 2021 23:33:32 GMT
etag: "c88a-5bbf53ada478b-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 10 Oct 2022 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 7849
content-type: text/css
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css
93.95.216.126 200 OK 955 B URL HTTP/2 restyle.freesmile.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
Hash b626cef5b048fdf1474b001bc2472a35
f34bc31a1b41829f8dc181ed6197e645b764e6aa
630d5de8c43fd1fcf89eaf6bd530ff0092c514c01bfbf4d4bd201bee56621f3f
GET /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Tue, 02 Feb 2021 13:52:49 GMT
etag: "c25-5ba5ac93b3574-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 10 Oct 2022 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 955
content-type: text/css
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/plugins/cforms2/styling/cforms2012.css
93.95.216.126 200 OK 1.7 kB URL HTTP/2 restyle.freesmile.com/wp-content/plugins/cforms2/styling/cforms2012.css
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
Hash e38e0b2637a20776792f20a920bc7404
5422bb31972059827edf40bd8cae4f48971be813
c35963da313dcb0ab1994f1cb5490eace353236e2a52fb2f8b59a4aad6ef7816
GET /wp-content/plugins/cforms2/styling/cforms2012.css HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 01 Feb 2021 15:41:01 GMT
etag: "1cab-5ba482e5c081c-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 10 Oct 2022 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 1749
content-type: text/css
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css
93.95.216.126 200 OK 4.7 kB URL HTTP/2 restyle.freesmile.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
Hash 7524fec34d2a0e3b5d97773e53cd40fb
4152412c83e0ec1f2b3c9964f3260710ee9717c7
b6dcdffaeaa59249e0e02ee6862af206bfd9e8b9ccc052b8615757ad3886755a
GET /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Tue, 02 Feb 2021 13:52:49 GMT
etag: "6cdf-5ba5ac93b3574-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 10 Oct 2022 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 4716
content-type: text/css
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/plugins/page-list/css/page-list.css
93.95.216.126 200 OK 562 B URL HTTP/2 restyle.freesmile.com/wp-content/plugins/page-list/css/page-list.css
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with CRLF line terminators
Hash d769896d96858a2eb6de1ab982c20288
cdf50b00aea6e6c3361782e09fdaa72192e1aedf
7efbf5a89e27758e9b127876ae639337c20f013bb280a318d8b04d180146216a
GET /wp-content/plugins/page-list/css/page-list.css HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 08 Feb 2021 10:13:06 GMT
etag: "65d-5bad06a80828b-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 10 Oct 2022 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 562
content-type: text/css
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/plugins/post-category-image-with-grid-and-slider/assets/css/categoryimage-public.css
93.95.216.126 200 OK 1.7 kB URL HTTP/2 restyle.freesmile.com/wp-content/plugins/post-category-image-with-grid-and-slider/assets/css/categoryimage-public.css
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with very long lines (374)
Hash 3ccbe5b36a1a68d6b03ed75fb00d25dd
f83785ac17953204e8850abd9a39a88896e37a25
73eb399ff75da49d54262b9c2e90e3b18f39d00b93c64f98bf161812e8e53faf
GET /wp-content/plugins/post-category-image-with-grid-and-slider/assets/css/categoryimage-public.css HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Wed, 03 Feb 2021 16:37:49 GMT
etag: "1a27-5ba7135267b89-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 10 Oct 2022 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 1698
content-type: text/css
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/plugins/same-category-posts/same-category-posts.css
93.95.216.126 200 OK 477 B URL HTTP/2 restyle.freesmile.com/wp-content/plugins/same-category-posts/same-category-posts.css
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with CRLF line terminators
Hash 530fbcb0eab8ddd6c22aea0b05bc5746
c47bf5d1fec47849fe1ac5a23a2b6b9d1e23012e
68170cc4fbd70d7da5f9accc574d79145a4f43ea3acc6a6ae43dc09c6dfd0dd1
GET /wp-content/plugins/same-category-posts/same-category-posts.css HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Tue, 02 Feb 2021 13:55:23 GMT
etag: "527-5ba5ad26b5334-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 10 Oct 2022 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 477
content-type: text/css
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash e66743a6c60c1181d7f47c7f748ddfa3
97e333fac41fce213aeda4a42c79b0c5077e26c0
498cbdcbc5fed75df7e4974b21f3be66580dd169b8c82e76c69a823567e27ab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 19:46:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
restyle.freesmile.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css
93.95.216.126 200 OK 7.0 kB URL HTTP/2 restyle.freesmile.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with very long lines (30449)
Hash 8063116190a065a58dc545fec81d8ce5
20e4bf239450f01eb800bb37ef8e771366e8f8a6
ee2fb2d879295b26dab2900936501dd9ebb648e22e0bcb0bc113524c8f23cc20
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Thu, 11 Jul 2019 08:38:33 GMT
etag: "7793-58d63b811b440-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 10 Oct 2022 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 6970
content-type: text/css
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/plugins/table-maker/css/style.css
93.95.216.126 200 OK 1.6 kB URL HTTP/2 restyle.freesmile.com/wp-content/plugins/table-maker/css/style.css
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with very long lines (384), with CR line terminators
Hash 881c5d8c6e5bbd81f935b55a454fbda4
9cc4e11bbfaae5d19f2c8c8ac191a52a56be6d58
9e13b6e3ac0f26bc8ee13e11827796aeca174afbe140538d11644a45cae57937
GET /wp-content/plugins/table-maker/css/style.css HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 01 Oct 2018 13:58:55 GMT
etag: "17d7-5772b34b305c0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 10 Oct 2022 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 1586
content-type: text/css
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/plugins/twenty20/assets/css/twenty20.css
93.95.216.126 200 OK 1.1 kB URL HTTP/2 restyle.freesmile.com/wp-content/plugins/twenty20/assets/css/twenty20.css
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
Hash abac8fe2dd19d1bfeee769ad3cc57cfc
2cb8d5c0c5c64259e9403498108b0da529f4865f
2b3a8b89861ed898c4b3fac936e51e183056a4915374d3bd1442103384d2ff94
GET /wp-content/plugins/twenty20/assets/css/twenty20.css HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Tue, 02 Feb 2021 13:55:50 GMT
etag: "1a61-5ba5ad4061727-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 10 Oct 2022 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 1109
content-type: text/css
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/plugins/add-search-to-menu/public/css/ivory-search.min.css
93.95.216.126 200 OK 1.7 kB URL HTTP/2 restyle.freesmile.com/wp-content/plugins/add-search-to-menu/public/css/ivory-search.min.css
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with very long lines (6811), with no line terminators
Hash af78223ec492c924e60819c6d23a88da
fdac0f897e52f330a88cb7315eb4286bd113d345
3fc65cc2c4ac794d4c74ed332bbc0e648095060a3c4f2c5468ee10f3ceb22ee9
GET /wp-content/plugins/add-search-to-menu/public/css/ivory-search.min.css HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Fri, 11 Feb 2022 12:09:03 GMT
etag: "1a9b-5d7bceec44202-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 10 Oct 2022 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 1693
content-type: text/css
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.css
93.95.216.126 200 OK 313 B URL HTTP/2 restyle.freesmile.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.css
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with very long lines (850)
Hash 1dd1129795df6e900fecbe2d73ac3068
9adafd827ba7c5a59f41d466862547c45508a0a8
9dfdac78c0115c8877fbe917d83f5ade1e64af7c50c3167ecae8e139efe1edd3
GET /wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.css HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Thu, 24 Jan 2019 09:34:16 GMT
etag: "353-58030e9fcd600-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 10 Oct 2022 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 313
content-type: text/css
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/themes/medicare/js/html5shiv.min.js
93.95.216.126 200 OK 1.2 kB URL HTTP/2 restyle.freesmile.com/wp-content/themes/medicare/js/html5shiv.min.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type HTML document, ASCII text, with very long lines (2363), with no line terminators
Hash 09aa8cbcb38683367ccdd34a2ff0c0ae
8b4a5ed7d1037522d700e4d41518d10f8bb4d047
75e5fd2274f1a46774b8da29caa97ffca16d24bdffc825d004b95dd1b530c4ff
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/medicare/js/html5shiv.min.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 01 Feb 2021 15:11:35 GMT
etag: "93b-5ba47c516d154-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 1189
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/plugins/_medicare_/bt_elements.js
93.95.216.126 200 OK 2.3 kB URL HTTP/2 restyle.freesmile.com/wp-content/plugins/_medicare_/bt_elements.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with CRLF line terminators
Hash 54dad87e5d51b6f9b21269465fe57d5d
3275336a00456f397112e130a014be949c3fedb4
eb6332c59e6e845a0c8913f0b329da20e14f3147b65f9f8a41b61468e9fe1ddb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/_medicare_/bt_elements.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 01 Feb 2021 15:40:12 GMT
etag: "2460-5ba482b7168a4-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 2334
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/plugins/wp-quiz/assets/frontend/css/wp-quiz.css
93.95.216.126 200 OK 4.4 kB URL HTTP/2 restyle.freesmile.com/wp-content/plugins/wp-quiz/assets/frontend/css/wp-quiz.css
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with very long lines (19378)
Hash 4fd204085748f011dd17bfb1992142fa
954603534dabaa88be18b465d9872e8c97256481
7f1fa3172ba30fa163058741e3d13f865c0e1e6dba3328ace0e17373d3cc0116
GET /wp-content/plugins/wp-quiz/assets/frontend/css/wp-quiz.css HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Tue, 02 Feb 2021 13:56:54 GMT
etag: "4bfd-5ba5ad7cf935a-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 10 Oct 2022 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 4448
content-type: text/css
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?onload=wp_recaptchaLoadCallback&render=explicit
142.250.74.164 200 OK 587 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=wp_recaptchaLoadCallback&render=explicit
IP 142.250.74.164:0
File type ASCII text, with very long lines (919), with no line terminators
Hash 293c72c158e1065881fa15c70f4afd90
4fe3cc10c349e47d377bef5e44fe82248ff0ec4d
bdaa7555e49d9b987788cb9f0777e13cdad6e3df47b521f540a595b4523548ab
GET /recaptcha/api.js?onload=wp_recaptchaLoadCallback&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 10 Sep 2022 19:46:48 GMT
date: Sat, 10 Sep 2022 19:46:48 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 587
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/themes/medicare/magnific-popup.css
93.95.216.126 200 OK 2.0 kB URL HTTP/2 restyle.freesmile.com/wp-content/themes/medicare/magnific-popup.css
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
Hash a309f2ff0d4924469954647047c98a37
e1c517189075e6e60843cdbb583e34a55c6f02d6
a54182b154aed125eda987ee1073a2f73ec60aa91bd10f14ecdb10053a4dfbac
GET /wp-content/themes/medicare/magnific-popup.css HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 01 Feb 2021 15:11:35 GMT
etag: "1edb-5ba47c5175a0d-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 10 Oct 2022 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 1978
content-type: text/css
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/themes/medicare/js/respond.min.js
93.95.216.126 200 OK 2.1 kB URL HTTP/2 restyle.freesmile.com/wp-content/themes/medicare/js/respond.min.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type HTML document, ASCII text, with very long lines (3180)
Hash 396c87fc4e9fbfa34c7431bc476b78f4
d2999c40f6248660afc7d69f220c89efb6e17ddf
6d0acfc740af7d9097add1009519c3305f6cbec4e45f3e3d30a3959f77bae81d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/medicare/js/respond.min.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 01 Feb 2021 15:11:35 GMT
etag: "fdd-5ba47c516dd0c-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 2063
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/themes/medicare-child/style.css
93.95.216.126 200 OK 2.3 kB URL HTTP/2 restyle.freesmile.com/wp-content/themes/medicare-child/style.css
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with very long lines (1692)
Hash 1661e8497f92168ac3aa1ccfc90b2cef
a1277df364efe724c99789b373e57645c4e7a3fc
6b439c21f35b9c86e3baa1cf8e80575498c850f1a3152fbce4e93e94cd54f282
GET /wp-content/themes/medicare-child/style.css HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Tue, 23 Mar 2021 14:55:56 GMT
etag: "2d53-5be356127db6f-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 10 Oct 2022 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 2331
content-type: text/css
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-includes/js/jquery/jquery-migrate.min.js
93.95.216.126 200 OK 4.2 kB URL HTTP/2 restyle.freesmile.com/wp-includes/js/jquery/jquery-migrate.min.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 01 Feb 2021 17:09:15 GMT
etag: "2bd8-5ba4969dcdaeb-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 4169
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f1fa8224847ea7d9b4dc8e598fae4142
cb703a2944e58d97dd48a7e56ee9f4510ced78b4
920094aad2886535e2ba9e38d4731f63fbde93038d92b38f0030b0a0f47c2ac8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 19:46:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
restyle.freesmile.com/wp-content/plugins/cforms2/js/cforms.js
93.95.216.126 200 OK 4.4 kB URL HTTP/2 restyle.freesmile.com/wp-content/plugins/cforms2/js/cforms.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type HTML document, ASCII text
Hash 51d2469d40f0bb311df73159811fbcee
c951a5b4dab034da170c607b82d0b5d5093be387
9a07d47c7066015175ed13172a2c68422d39774421d6b4d117e402f68ce6702e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cforms2/js/cforms.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 01 Feb 2021 15:41:01 GMT
etag: "4af3-5ba482e5bb22b-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 4365
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js
93.95.216.126 200 OK 689 B URL HTTP/2 restyle.freesmile.com/wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with very long lines (1146)
Hash 8d5b2533f035f2539f1d97e1beebf8ad
2bf30d91c2c77828df933ef94dfb2d73eac92ba9
c8697cecab68050b6683b26e3c9d7144d3b69e9703f49e62c5086b69e1a84d6d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Tue, 02 Feb 2021 13:53:51 GMT
etag: "525-5ba5accebd240-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 689
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js
93.95.216.126 200 OK 905 B URL HTTP/2 restyle.freesmile.com/wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with very long lines (1709)
Hash e3872417139220b996f3239c79c8cfb2
181c67dc848d8208e378840ba25f2de41fde9ece
ffa61a57e89351f93f966be764f2eb40f2a0d4a09d80731e2dae101581c0b0fe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Tue, 02 Feb 2021 13:53:51 GMT
etag: "6d7-5ba5accebd628-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 905
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/themes/medicare/js/jquery.magnific-popup.min.js
93.95.216.126 200 OK 7.7 kB URL HTTP/2 restyle.freesmile.com/wp-content/themes/medicare/js/jquery.magnific-popup.min.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with very long lines (21014)
Hash 074c187ce4db5883e1fcd080cfb3c77d
9a3b7ebc3b176cd4a6dd96c6ef0eaeab22e9dc07
e8a9cb708456d56c3621fbbf1f33301345b3902fd325a01c455839078630573a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/medicare/js/jquery.magnific-popup.min.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 01 Feb 2021 15:11:35 GMT
etag: "52a5-5ba47c516d154-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 7699
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-includes/js/comment-reply.min.js
93.95.216.126 200 OK 1.3 kB URL HTTP/2 restyle.freesmile.com/wp-includes/js/comment-reply.min.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with very long lines (2949)
Hash 1cf4c3e8e70de8171ff6d4530d1fec31
e45846b00f185fb3e3d16b61d6073c961c2dcf50
bcb5aef7cf39483421bc74866fb39786953559ff5fa9e9d003743b33702d64b7
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/comment-reply.min.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Thu, 15 Apr 2021 10:20:24 GMT
etag: "ba8-5c0003627f952-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 1346
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/plugins/widget-google-reviews/assets/js/public-main.js
93.95.216.126 200 OK 6.9 kB URL HTTP/2 restyle.freesmile.com/wp-content/plugins/widget-google-reviews/assets/js/public-main.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with very long lines (566)
Hash 6108958515cc0b1ab3e0270d88f7e7bc
052c5565af5cff8e237b4691ffef0a83a9b807e5
c92aac4923545656fdde2d51b37a80f3fcffb6ddbef866262e14fdf4a5bfc41d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/widget-google-reviews/assets/js/public-main.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Thu, 25 Nov 2021 10:02:01 GMT
etag: "7f4b-5d19a10da6329-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 6936
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 90af7f9fc306540e02535db3d00dca64
9e05b003b35ed57277b6b295adde93add7c41b0b
64abd990305ef3f25ffb3fb2ccae04b76e178375752ecb2020411df8f7974fcf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 19:46:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
restyle.freesmile.com/wp-content/plugins/twenty20/assets/js/jquery.twenty20.js
93.95.216.126 200 OK 915 B URL HTTP/2 restyle.freesmile.com/wp-content/plugins/twenty20/assets/js/jquery.twenty20.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with very long lines (2466), with no line terminators
Hash cc0607ae9c6e1031131c9e0296a0c945
9a583f020a5e15f52010bcc06f62bbcb8d465824
1989bc1cd416c1ea222a33520cbcccd257130e97fcf6b8593fd907250c512525
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/twenty20/assets/js/jquery.twenty20.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Tue, 02 Feb 2021 13:55:50 GMT
etag: "9a2-5ba5ad4061ef7-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 915
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-includes/js/wp-emoji-release.min.js
93.95.216.126 200 OK 4.7 kB URL HTTP/2 restyle.freesmile.com/wp-includes/js/wp-emoji-release.min.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with very long lines (11272)
Hash 9c26256ee738b510ab56c09607a7286f
197327c8d1cd72ce8d335fc0b8b007ddca60191d
cfe161d7b5764e21a1e8ea764f4a0c0da41f1aba16bb8329bd11acbc7a156e4b
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Wed, 03 Feb 2021 23:57:46 GMT
etag: "3795-5ba775a86c3fb-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 4662
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/332.app.js
93.95.216.126 200 OK 1.5 kB URL HTTP/2 restyle.freesmile.com/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/332.app.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with very long lines (4401), with no line terminators
Hash ec855a097236bc7858b244019ccbeaa2
78cddfd4cc3d4df5d62f2ec678673a8d97a124d1
8e09ae2f50ea25b412704baad3f0e1a3093c727840e0ee4c9c354b13b651da12
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/332.app.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Thu, 04 Nov 2021 11:21:44 GMT
etag: "1131-5cff4bb41b918-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 1531
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/uploads/2021/02/logo-1.png
93.95.216.126 200 OK 8.0 kB URL HTTP/2 restyle.freesmile.com/wp-content/uploads/2021/02/logo-1.png
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type PNG image data, 401 x 97, 8-bit colormap, non-interlaced\012- data
Hash 5184b92dc4079d8c25aae7425987a72f
3e3f6f7e1af6cbdd4148071ada47273ba1431950
9fffa3c1e9d56028cfaa104eff8339cbe65eb3fb74660161c4a25c4a9e9c6dd1
GET /wp-content/uploads/2021/02/logo-1.png HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Wed, 03 Feb 2021 11:04:37 GMT
etag: "1f6e-5ba6c8d883ba6"
accept-ranges: bytes
content-length: 8046
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
referrer-policy:
access-control-allow-origin: *
content-type: image/png
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/plugins/twenty20/assets/js/jquery.event.move.js
93.95.216.126 200 OK 2.0 kB URL HTTP/2 restyle.freesmile.com/wp-content/plugins/twenty20/assets/js/jquery.event.move.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with very long lines (5421), with no line terminators
Hash 3ac18a3a35d4e9a19c1a93eea4b9ddd3
39cecfc2bf83e91014ec0bac3b4befb62b4a8aaf
543460ae8761333ec142ac2788f3714ce59ce1342ffcc47739a9ea113513d5ea
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/twenty20/assets/js/jquery.event.move.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Tue, 02 Feb 2021 13:55:50 GMT
etag: "152d-5ba5ad4061ef7-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 2007
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js
93.95.216.126 200 OK 7.9 kB URL HTTP/2 restyle.freesmile.com/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
Hash 048af535b0c4ae6646b786fdae2eb91d
1210a935b22d0cf68fa65dd10362b59fefe3bb4f
92516d1ea7f79ac3189b89470096660b760d04661b3174c36b3765095de62758
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Tue, 02 Feb 2021 13:52:49 GMT
etag: "8319-5ba5ac93b3d44-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 7893
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/plugins/lazy-loading-responsive-images/js/ls.unveilhooks.min.js
93.95.216.126 200 OK 794 B URL HTTP/2 restyle.freesmile.com/wp-content/plugins/lazy-loading-responsive-images/js/ls.unveilhooks.min.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with very long lines (1672)
Hash fd4e6068802d08afd08e7fd952c85f47
8f8b82c3cf719c8006022d27e82ceda89d5fc595
9f2b7552d7c253bee14403cff277160e5b0d053753ef05f6ea6f13fca657e655
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/lazy-loading-responsive-images/js/ls.unveilhooks.min.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Tue, 02 Feb 2021 13:53:03 GMT
etag: "6a3-5ba5aca0b8b50-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 794
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-includes/js/wp-embed.min.js
93.95.216.126 200 OK 765 B URL HTTP/2 restyle.freesmile.com/wp-includes/js/wp-embed.min.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with very long lines (1391)
Hash fe875afb236ee8f0d50040fe58d848d4
e6b1b67093b429c95d5b9db07a7eba39e02cf0e5
328a6a072b91134f2802ae25e070f38ff156ceee2c6ec6a6253ae4b27af73b49
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-embed.min.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Wed, 03 Feb 2021 23:57:46 GMT
etag: "592-5ba775a86c3fb-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 765
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/plugins/_medicare_/bt_parallax.js
93.95.216.126 200 OK 542 B URL HTTP/2 restyle.freesmile.com/wp-content/plugins/_medicare_/bt_parallax.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with CRLF line terminators
Hash 3cfc5a93a2c1dbf83886a56af6a79958
8edf231e25637054cc51514fba09dbf84d04695c
d8d25440fd5827b4872d09a217cdc5781893707432e83aff8f34fe5440bf2758
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/_medicare_/bt_parallax.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 01 Feb 2021 15:40:12 GMT
etag: "57f-5ba482b717844-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 542
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/plugins/add-search-to-menu/public/js/ivory-search.min.js
93.95.216.126 200 OK 1.2 kB URL HTTP/2 restyle.freesmile.com/wp-content/plugins/add-search-to-menu/public/js/ivory-search.min.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with very long lines (4522), with no line terminators
Hash afe38975a82e5fe0a1968b67ed4e1847
aebf6391eb7dc0531c6ad3c07d8565a4ef56f04a
dde7e41cdeba411cee38f9ebd9c3624c2b7c696fca773823bb6dc6da7f9218d2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/add-search-to-menu/public/js/ivory-search.min.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Fri, 11 Feb 2022 12:09:03 GMT
etag: "11aa-5d7bceec4558a-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 1214
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/plugins/widget-google-reviews/assets/css/public-main.css
93.95.216.126 200 OK 2.4 kB URL HTTP/2 restyle.freesmile.com/wp-content/plugins/widget-google-reviews/assets/css/public-main.css
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with very long lines (11283), with no line terminators
Hash 8d49a777e1e59105e7834918e6583c2c
c8ffda9026cf4ba7f86a5cf36474d764ee1ebc99
badb8b5f514b58baa67f7c21416c2a69ba9460248a1495c8cfe77e6bfeb8e59a
GET /wp-content/plugins/widget-google-reviews/assets/css/public-main.css HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Thu, 25 Nov 2021 10:02:01 GMT
etag: "2c13-5d19a10da5b59-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 10 Oct 2022 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 2403
content-type: text/css
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/plugins/lazy-loading-responsive-images/js/lazysizes.min.js
93.95.216.126 200 OK 3.5 kB URL HTTP/2 restyle.freesmile.com/wp-content/plugins/lazy-loading-responsive-images/js/lazysizes.min.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with very long lines (7744)
Hash abf3891b7bdd8e79c115e993f51a1a56
a931ef18c69e6f2e2ad1f700cce7958ab524c84f
13e8a4bd9823d49538390c43b8afe726cee038aa7ebd8e390bca617116a57736
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/lazy-loading-responsive-images/js/lazysizes.min.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Tue, 02 Feb 2021 13:53:03 GMT
etag: "1e5b-5ba5aca0b8b50-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 3457
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/themes/medicare/js/sliders.js
93.95.216.126 200 OK 1.7 kB URL HTTP/2 restyle.freesmile.com/wp-content/themes/medicare/js/sliders.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with CRLF line terminators
Hash 46546275d8c2619faf49a12143faae38
cf5098446097e3ba6eb95ad6415d3cb12dc204e4
5ed93098435606f46fa5387b90fe1e85429ead89e9f926dd6126b3f42388523e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/medicare/js/sliders.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 01 Feb 2021 15:11:35 GMT
etag: "1cee-5ba47c516d53c-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 1686
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/plugins/wp-quiz/assets/frontend/css/animate.css
93.95.216.126 200 OK 4.5 kB URL HTTP/2 restyle.freesmile.com/wp-content/plugins/wp-quiz/assets/frontend/css/animate.css
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
Hash 0a2527fbbaa1552ee47eb20198302b10
805e709c3046fce66c39fe3dfde72c30a13e5c30
d47d8a033a3720e172c2e1d1507c8c6deeb5252a8901cb6e16fef8d6500428ae
GET /wp-content/plugins/wp-quiz/assets/frontend/css/animate.css HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Tue, 02 Feb 2021 13:56:54 GMT
etag: "1252c-5ba5ad7cf935a-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 10 Oct 2022 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 4469
content-type: text/css
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/plugins/wonderplugin-slider/engine/wonderpluginsliderengine.css
93.95.216.126 200 OK 984 B URL HTTP/2 restyle.freesmile.com/wp-content/plugins/wonderplugin-slider/engine/wonderpluginsliderengine.css
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
Hash d16d8c364f040cd8a2f61c2450104c5a
9a450b5037a10b4da119b5d7d1f595f2ab5850f6
24adb762063d39ba519a68c9623a957df3cef37b6875339ea8b754b359611f81
GET /wp-content/plugins/wonderplugin-slider/engine/wonderpluginsliderengine.css HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Fri, 22 Jul 2016 06:59:29 GMT
etag: "3fde-53833f9ccf640-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 10 Oct 2022 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 984
content-type: text/css
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 6af759d5c8a3ccb1094316c6b2a0171a
d53fc5f1d6f85c995494ab1ad2a75fa99de5dd70
7c9ed99789f2891377f6d8632a5ee11d785bfeb1797122210befc8c4ff32265a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 19:46:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 02:38:16 GMT
Expires: Fri, 16 Sep 2022 02:38:15 GMT
Etag: "d53fc5f1d6f85c995494ab1ad2a75fa99de5dd70"
Cache-Control: max-age=456085,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 748aabffed5c1bfa-OSL
restyle.freesmile.com/wp-content/themes/medicare/js/slick.min.js
93.95.216.126 200 OK 9.7 kB URL HTTP/2 restyle.freesmile.com/wp-content/themes/medicare/js/slick.min.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with very long lines (32012)
Hash d0e22ae3f1b75e95a37e328be65a37e1
682dcb46b6f3235bfd52a9aa79ac43b242796b44
83711381bf54fa5d90517a15778defa6eb1f09d6dfb400c7dcb15bddad1912f1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/medicare/js/slick.min.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 01 Feb 2021 15:11:35 GMT
etag: "9e0d-5ba47c516d53c-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 9736
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/themes/medicare/js/misc.js
93.95.216.126 200 OK 4.9 kB URL HTTP/2 restyle.freesmile.com/wp-content/themes/medicare/js/misc.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
Hash 39900301ab63ccd535bf805646420e00
7daaaa27fe7e65ebb3af2aaf6be717c222ed7179
e7e715b9f8842c61508951ebb8de78bd96f3829760a19cc10f5495a3bacc17a6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/medicare/js/misc.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 01 Feb 2021 15:11:35 GMT
etag: "46f1-5ba47c516d924-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 4938
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/plugins/pixelyoursite/dist/scripts/public.js
93.95.216.126 200 OK 11 kB URL HTTP/2 restyle.freesmile.com/wp-content/plugins/pixelyoursite/dist/scripts/public.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
Hash c46ab5de8741776c7624857dd3007f4c
6d1ff3031ec4e186be5a20caeec23ca4ee6fe71e
12bc25c5ea75b015c1741bf28b9a75bde094a44b18a6dda22a19df70e9f1dd8b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/pixelyoursite/dist/scripts/public.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Tue, 02 Feb 2021 13:53:51 GMT
etag: "10038-5ba5accebd240-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 10760
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
agent.toctoc.me/script/live-agent.js
37.187.149.195 200 OK 133 kB URL HTTP/1.1 agent.toctoc.me/script/live-agent.js
IP 37.187.149.195:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 133 kB (133180 bytes)
Hash 91145139528b6a56031bd12199179941
9242600719b22dbd4060d03a42c75145ce02d622
6f1e0355744745dcbe60a5247a757cddb6b689ea2a7ca939dbb3bc66b93a8bd8
GET /script/live-agent.js HTTP/1.1
Host: agent.toctoc.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 19:46:50 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Last-Modified: Wed, 17 Nov 2021 11:47:53 GMT
Accept-Ranges: bytes
Cache-Control: max-age=7200, private, must-revalidate
Expires: Sat, 10 Sep 2022 21:46:50 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Connection: close
Transfer-Encoding: chunked
Content-Type: text/javascript
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15505
Expires: Sun, 11 Sep 2022 00:05:14 GMT
Date: Sat, 10 Sep 2022 19:46:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15505
Expires: Sun, 11 Sep 2022 00:05:14 GMT
Date: Sat, 10 Sep 2022 19:46:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15505
Expires: Sun, 11 Sep 2022 00:05:14 GMT
Date: Sat, 10 Sep 2022 19:46:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15505
Expires: Sun, 11 Sep 2022 00:05:14 GMT
Date: Sat, 10 Sep 2022 19:46:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bedecf7-d9af-4aa7-88b0-94b2a33f9e1a.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bedecf7-d9af-4aa7-88b0-94b2a33f9e1a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ade70e6dbcfb3ca1765f95112671e69
3768753be084c0e0fc268be5b192d02d769114b6
9670a3bf2476ba193cfeb3153c1254bdcfc980a28503dda0d9b398a3a59f53f4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0bedecf7-d9af-4aa7-88b0-94b2a33f9e1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9766
x-amzn-requestid: 720a4111-91de-4672-88c8-f40db517c07d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YHsjRE13oAMFbCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63195ae1-288f1f5456bf4d146dcf774c;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 03:00:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HwwG0Hjf8uZn1AtbLU_wKs3w9lict3tRP31XQY6tIxDz9KDNaBMAqw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 04:00:05 GMT
age: 56804
etag: "3768753be084c0e0fc268be5b192d02d769114b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdde1c872-426a-4aec-b295-a2cac8b36edf.webp
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdde1c872-426a-4aec-b295-a2cac8b36edf.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 71bafbee3867c04c3712ff98a123d52c
ccf471cd30f5aa96f4e5fdb9e0fbbcdbb475a0bf
58ff1700e0b125caefb73719e2b3d734b2fbcc5ed1aabe5a11bb73b43edab831
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdde1c872-426a-4aec-b295-a2cac8b36edf.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4477
x-amzn-requestid: bbdca46e-5628-4faf-a0fe-ea1b5b39ac2a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNjzaHrIoAMF-iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb348-567e946e7cf77f2e11c17c97;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:42:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: a0AyKhmYA7WPwciU2nTXwyChZV_riw1QsqI_giBIcdZhi3Nz4jM0Sw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:59:11 GMT
age: 78458
etag: "ccf471cd30f5aa96f4e5fdb9e0fbbcdbb475a0bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F242561c0-8a95-468b-ba61-6859edfe8518.jpeg
34.120.237.76 200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F242561c0-8a95-468b-ba61-6859edfe8518.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3f8aeb20a6543be83f3e422796c4dc70
4e4e127039dd8099c63c3bde198118d2874f7342
0f9fdd1b577e4719f88620bb451131bfb120790479b4feccb4222647fb3ea453
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F242561c0-8a95-468b-ba61-6859edfe8518.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7218
x-amzn-requestid: 4e9672b6-5415-4808-9508-22e8c42de448
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE_QzHffIAMFYTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6318459e-743b975a2770e2a90c616d87;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:17:50 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dR6KtfbMJzFz0j8zIFUNtdkJHUaerjxWbUyYKBD-jR_uAAvCCty01Q==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:01:33 GMT
age: 78316
etag: "4e4e127039dd8099c63c3bde198118d2874f7342"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4e8861b-4d5e-4f2e-8b1c-e85d23f02c52.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4e8861b-4d5e-4f2e-8b1c-e85d23f02c52.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2b83fa95ed30533299bc754adaced672
27eda8377e1c00c53fb66b4e2fa4f0dd6c7020af
bc59e5ba6abafd8e7b10d6f8ae2269cbf739a4b28f9cbbf3adfc29a9195e6985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4e8861b-4d5e-4f2e-8b1c-e85d23f02c52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8626
x-amzn-requestid: af5e61ab-4f7b-4b03-8413-5d750b17e0df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLj9TH7vIAMFVMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ae6bb-309144fb6e02564c4fcdb966;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 07:09:47 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 3gzR4efCGz9QsLoxAMuTUgBAwEc5WdyHBhw_wRPGmfnS9SWm-0vE7w==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 07:27:32 GMT
age: 44357
etag: "27eda8377e1c00c53fb66b4e2fa4f0dd6c7020af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb150ddb5-18a6-405d-8041-cdea0c0e6a85.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb150ddb5-18a6-405d-8041-cdea0c0e6a85.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d21a3e07583d9fad4104b6457f7915e7
fdc9453562f993e2545ca99731a7741e748b6082
8ea38264c82c6b544447079cc92eae70d0968a070ba39022af0e18c498916338
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb150ddb5-18a6-405d-8041-cdea0c0e6a85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8266
x-amzn-requestid: 3411ec4b-ac18-4b4e-8876-c99b94d3a4a3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNitWEjhIAMFWpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb188-4d9e496e7ff141b46748d850;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:35:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: vyV1_onImxuLNGp4UI1W5grcuVW3LHJFJjvmO0VXU-OYorF6RVcoDw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:50:11 GMT
age: 78998
etag: "fdc9453562f993e2545ca99731a7741e748b6082"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e8f11aeba65478b039cfb4100aa23435
88db17a82ea0207ccb4826c2961875c5106b427a
6f6ec5922ec54d824e7f933de87608c5a763da119ae9461d99c6525649b1a9af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8676
x-amzn-requestid: 64a58aa8-8321-4c91-98fe-dbf97996c513
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNiuZEjnIAMFRFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb18f-77b635593b202d7d3cd0ac84;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:35:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: VWwNSpFvcDq3nrn91QvYjrJX5hLjp96vrKgZzR-pOdrdHx7MlcagGQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d1d67b07408bba8c682597d8303642e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:13:43 GMT
age: 77586
etag: "88db17a82ea0207ccb4826c2961875c5106b427a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/uploads/2018/03/toronto-bridge-all-on-four.jpg
93.95.216.126 200 OK 79 kB URL HTTP/2 restyle.freesmile.com/wp-content/uploads/2018/03/toronto-bridge-all-on-four.jpg
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 605x338, components 3\012- data
Hash 0a0d9de492daf9f1b69b974251392c62
46796fe706561c900f184419c18cbdee351f61eb
81767ea66c2ea739bce420b627835ff964a2c0510a289c735190eddcd7865940
GET /wp-content/uploads/2018/03/toronto-bridge-all-on-four.jpg HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Wed, 07 Mar 2018 13:43:05 GMT
etag: "135de-566d2bd152c40"
accept-ranges: bytes
content-length: 79326
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
referrer-policy:
access-control-allow-origin: *
content-type: image/jpeg
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/themes/medicare/js/dir.hover.js
93.95.216.126 200 OK 1.0 kB URL HTTP/2 restyle.freesmile.com/wp-content/themes/medicare/js/dir.hover.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
Hash 70c55cf222765e30dca5d2d8a0ac3f5e
fbdfa99b2e7eedd754cf9f43747a5f78cec9d9f8
1660f7778203829c50581e49acd72dcf6c3005291a7455c8651cbbba1f04bad1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/medicare/js/dir.hover.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 01 Feb 2021 15:11:35 GMT
etag: "17ba-5ba47c516d924-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 1010
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/plugins/scroll-back-to-top/assets/js/scroll-back-to-top.js
93.95.216.126 200 OK 761 B URL HTTP/2 restyle.freesmile.com/wp-content/plugins/scroll-back-to-top/assets/js/scroll-back-to-top.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
Hash 4b42b3bcd8863c7cb8b36f01c9a1d777
852bafb9f634d1780ae02c00d988dd0c774f58d0
c3e70d040929e27b29b84be5bea0ecf79337249302725fa50466119733c8295f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/scroll-back-to-top/assets/js/scroll-back-to-top.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Fri, 22 Jul 2016 06:59:55 GMT
etag: "9c6-53833fb59b0c0-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 761
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/themes/medicare/js/fancySelect.js
93.95.216.126 200 OK 1.7 kB URL HTTP/2 restyle.freesmile.com/wp-content/themes/medicare/js/fancySelect.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
Hash 71c01cf3c8dfff95d7f0a40b833a9d15
1be8f87f3d8c5bde6d84f57e8ad38024f188a3ad
c7575f6bcac060ddf0481a73c2b0ac7d50aad2a0d5ba21a245126c0e6ed9f06b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/medicare/js/fancySelect.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 01 Feb 2021 15:11:35 GMT
etag: "1aff-5ba47c516d924-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 1728
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/themes/medicare/js/header.misc.js
93.95.216.126 200 OK 3.0 kB URL HTTP/2 restyle.freesmile.com/wp-content/themes/medicare/js/header.misc.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with CRLF line terminators
Hash b0465b449f5cb17a07e84a86d3b84d35
8548bf34d2ce1285d021a8c9fe644690e6837979
b475834ab6f7d5c624fb4b009ca64c3a3d0de9c3fff2727b0cb1f0a655b99367
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/medicare/js/header.misc.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 01 Feb 2021 15:11:35 GMT
etag: "2f0e-5ba47c516d53c-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 2984
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/plugins/wonderplugin-slider/engine/wonderpluginsliderskins.js
93.95.216.126 200 OK 7.7 kB URL HTTP/2 restyle.freesmile.com/wp-content/plugins/wonderplugin-slider/engine/wonderpluginsliderskins.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with very long lines (32016)
Hash 846953353580dc7c4d349182bbf5de4a
e77bf63af8fcd28f2c9140102b306224073c7e44
0bf6df81badc3318236b934a7a396483deba22b1df46473ef38d37486183bb7c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wonderplugin-slider/engine/wonderpluginsliderskins.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Tue, 26 Jul 2016 14:50:43 GMT
etag: "27d44-5388b066d76c0-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 7738
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/themes/medicare/js/iscroll.js
93.95.216.126 200 OK 11 kB URL HTTP/2 restyle.freesmile.com/wp-content/themes/medicare/js/iscroll.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
Hash e2568d824e1b497cd8c26c123e4a1128
dbacfc005ddf50768655a8996fcddbc704ab8169
647d727ef335b910e947a18a5e9f7fbb6514465b069d93084bd844d705328bc7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/medicare/js/iscroll.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 01 Feb 2021 15:11:35 GMT
etag: "c3b4-5ba47c516dd0c-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 11120
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/plugins/cforms2/cforms-common.css
93.95.216.126 200 OK 320 B URL HTTP/2 restyle.freesmile.com/wp-content/plugins/cforms2/cforms-common.css
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
Hash 88e5ff377c1e312e46b0e299dae013c9
04392a0e00599e2ac9c958e016033e03ff9ece36
4d432aeeb9e9532b01a4ccf80305c00a34b8969b244f319e1c4a591c416e8c87
GET /wp-content/plugins/cforms2/cforms-common.css HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/wp-content/plugins/cforms2/styling/cforms2012.css
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 01 Feb 2021 15:41:01 GMT
etag: "31a-5ba482e5baa5b-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 10 Oct 2022 19:46:49 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 320
content-type: text/css
date: Sat, 10 Sep 2022 19:46:49 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-includes/js/jquery/jquery.min.js
93.95.216.126 200 OK 31 kB URL HTTP/2 restyle.freesmile.com/wp-includes/js/jquery/jquery.min.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with very long lines (65451)
Hash b50f63138863c21ee4dd2fd747d0eaee
24e2e53e39b5980f3021ad881f477387610fbfb6
a3810469de465100b039f38a6e39a83c11a1de3b4259b3028b2b85338770100c
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 01 Feb 2021 17:09:15 GMT
etag: "15d98-5ba4969dcd31b-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 30916
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/plugins/wonderplugin-slider/engine/wonderpluginslider.js
93.95.216.126 200 OK 42 kB URL HTTP/2 restyle.freesmile.com/wp-content/plugins/wonderplugin-slider/engine/wonderpluginslider.js
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type ASCII text, with very long lines (676)
Hash bd66f88295e9dc98927522084a73ca00
2711514c5bfd256a80ffca397ad041bbc17d8f93
54f44ec2c14c1df08095cf68caa64ca94f6b4a11e4941d08b213075a010faf6b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wonderplugin-slider/engine/wonderpluginslider.js HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Fri, 22 Jul 2016 06:59:30 GMT
etag: "3f34d-53833f9dc3880-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 41950
content-type: application/x-javascript
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash ebc205cf750164c31d1fce2318d1636b
9309949107d69193b1c5156d45fbcc91e20a0fe4
4ab7f53d17c5d642e17a3e78aa93dc133c4713e44ccccb849f04fdcca62be8b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 19:46:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 19:46:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
restyle.freesmile.com/wp-content/themes/medicare/style.css
93.95.216.126 200 OK 92 kB URL HTTP/2 restyle.freesmile.com/wp-content/themes/medicare/style.css
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
Hash a950432bb7ba5b1421c6fccfb8e4f9f9
3ba381f6e65f6f24fd6485d81b87ec633410a684
620b6c403e72de4c7a0cd77b347dc70584d67dbc45107c5e7c3651d69f3d84f2
GET /wp-content/themes/medicare/style.css HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Tue, 07 Sep 2021 10:56:00 GMT
etag: "ad2a5-5cb659c6cd055-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 10 Oct 2022 19:46:48 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-type: text/css
date: Sat, 10 Sep 2022 19:46:48 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash ebc205cf750164c31d1fce2318d1636b
9309949107d69193b1c5156d45fbcc91e20a0fe4
4ab7f53d17c5d642e17a3e78aa93dc133c4713e44ccccb849f04fdcca62be8b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 19:46:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 43e44f5fe147594a8dd7e263eabca2ae
99a970746a212194f339b3fdc7df516af9f2ffdf
f716e38cbb8632487d1ce62a37e0662ef8611fbe0449a82b9301118b68c7548d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 19:46:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash ebc205cf750164c31d1fce2318d1636b
9309949107d69193b1c5156d45fbcc91e20a0fe4
4ab7f53d17c5d642e17a3e78aa93dc133c4713e44ccccb849f04fdcca62be8b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 19:46:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
142.250.74.163 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://restyle.freesmile.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:26:57 GMT
expires: Thu, 07 Sep 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 260394
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/themes/medicare/print.css
93.95.216.126 200 OK 827 B URL HTTP/2 restyle.freesmile.com/wp-content/themes/medicare/print.css
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
Hash d24235438504f10d3d11eef22226be6d
9ca6c9210bfaf739bc3cf1055986f5baffae11c4
77ccef7f71c5f610ee0c69236a166af9ffa3007f67a9a6de129cd6afab16dfe5
GET /wp-content/themes/medicare/print.css HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 01 Feb 2021 15:11:35 GMT
etag: "dfc-5ba47c5161da3-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Mon, 10 Oct 2022 19:46:51 GMT
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-length: 827
content-type: text/css
date: Sat, 10 Sep 2022 19:46:51 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
142.250.74.163 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 12924, version 1.0\012- data
Hash 4610010f425c140b99c88b6819ce1c02
a7e839aa0452ceeb6228de7c15062fe82cc6d1c3
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://restyle.freesmile.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:26:57 GMT
expires: Thu, 07 Sep 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 260394
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
142.250.74.163 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13052, version 1.0\012- data
Hash 7cf79fbd1df848510d7352274efc2401
5540b5a26cc7dfe25294c4eabe011e2c6cd60143
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://restyle.freesmile.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13052
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:26:57 GMT
expires: Thu, 07 Sep 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 260394
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
142.250.74.163 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 12956, version 1.0\012- data
Hash 1c772d9d0531b187db80bcfc199c1786
c0c04fb334190e10dffed0dcc5c817c2a6041a15
122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://restyle.freesmile.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12956
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 19:28:30 GMT
expires: Thu, 07 Sep 2023 19:28:30 GMT
cache-control: public, max-age=31536000
age: 260301
last-modified: Wed, 27 Apr 2022 16:54:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash ebc205cf750164c31d1fce2318d1636b
9309949107d69193b1c5156d45fbcc91e20a0fe4
4ab7f53d17c5d642e17a3e78aa93dc133c4713e44ccccb849f04fdcca62be8b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 19:46:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
agent.toctoc.me/script/message_notify.mp3
37.187.149.195 206 Partial Content 2.1 kB URL HTTP/1.1 agent.toctoc.me/script/message_notify.mp3
IP 37.187.149.195:0
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo\012- data
Hash 54d2e65e75278f2bfb76f0629f75a030
bd014d15524eb14eda8f99840d942371aba6ec9d
a87a478ea4cae43e345c9295082ddc93b8b06d96b8f767abc713b075c962bcd5
GET /script/message_notify.mp3 HTTP/1.1
Host: agent.toctoc.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://restyle.freesmile.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Date: Sat, 10 Sep 2022 19:46:52 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Last-Modified: Mon, 01 Feb 2016 21:42:54 GMT
Accept-Ranges: bytes
Content-Length: 2100
Cache-Control: max-age=2419200, public
Expires: Sat, 08 Oct 2022 19:46:52 GMT
Vary: Accept-Encoding
Content-Range: bytes 0-2099/2100
Connection: close
Content-Type: audio/mpeg
agent.toctoc.me/script/snapshot.mp3
37.187.149.195 206 Partial Content 12 kB URL HTTP/1.1 agent.toctoc.me/script/snapshot.mp3
IP 37.187.149.195:0
File type MPEG ADTS, layer III, v2, 64 kbps, 24 kHz, JntStereo\012- data
Hash 925c7990ed9d38aee5870931d2bfc30c
8af778fcb501a57f0cf45ee19623e8ae9177e74c
5face1704a47b74cfbf53e4d13d15cab097628e6df3833506f321614bd785ce5
GET /script/snapshot.mp3 HTTP/1.1
Host: agent.toctoc.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://restyle.freesmile.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Date: Sat, 10 Sep 2022 19:46:52 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Last-Modified: Wed, 09 Nov 2016 11:24:55 GMT
Accept-Ranges: bytes
Content-Length: 12144
Cache-Control: max-age=2419200, public
Expires: Sat, 08 Oct 2022 19:46:52 GMT
Vary: Accept-Encoding
Content-Range: bytes 0-12143/12144
Connection: close
Content-Type: audio/mpeg
agent.toctoc.me/script/toctoc.mp3
37.187.149.195 206 Partial Content 23 kB URL HTTP/1.1 agent.toctoc.me/script/toctoc.mp3
IP 37.187.149.195:0
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, JntStereo\012- data
Hash cf783ca9e43dc006336b28a0157fc5be
27f60738e9acaea98794c7752dc594f9e5141971
9a7e32ae7af0d01f587170cf6ba29ed51e964aa2e3f7d83a094ba215ff16ca13
GET /script/toctoc.mp3 HTTP/1.1
Host: agent.toctoc.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://restyle.freesmile.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Date: Sat, 10 Sep 2022 19:46:52 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Last-Modified: Mon, 01 Feb 2016 21:42:56 GMT
Accept-Ranges: bytes
Content-Length: 23274
Cache-Control: max-age=2419200, public
Expires: Sat, 08 Oct 2022 19:46:52 GMT
Vary: Accept-Encoding
Content-Range: bytes 0-23273/23274
Connection: close
Content-Type: audio/mpeg
agent.toctoc.me/script/css/live-agent.css?v=Sat%20Sep%2010%202022%2019:46:41%20GMT+0000%20(Coordinated%20Universal%20Time)
37.187.149.195 200 OK 6.9 kB URL HTTP/1.1 agent.toctoc.me/script/css/live-agent.css?v=Sat%20Sep%2010%202022%2019:46:41%20GMT+0000%20(Coordinated%20Universal%20Time)
IP 37.187.149.195:0
File type ASCII text, with very long lines (58010)
Hash 7bf4ca0ae264ce5f7f5e2ec40aac847d
378777ae86e368856ead39c811b50426ea9421e4
5b70d57779374b15dffce6cb3e5309dd94ae0578b53b787f20389ddf9316175e
GET /script/css/live-agent.css?v=Sat%20Sep%2010%202022%2019:46:41%20GMT+0000%20(Coordinated%20Universal%20Time) HTTP/1.1
Host: agent.toctoc.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 19:46:52 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Last-Modified: Mon, 01 Feb 2021 02:03:58 GMT
Accept-Ranges: bytes
Cache-Control: max-age=7200, private, must-revalidate
Expires: Sat, 10 Sep 2022 21:46:52 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 6923
Connection: close
Content-Type: text/css
restyle.freesmile.com/wp-content/uploads/2017/11/All-on-4-implantologie-Malo-Klinik-Freesmile-thumb-160x160.jpeg
93.95.216.126 200 OK 4.9 kB URL HTTP/2 restyle.freesmile.com/wp-content/uploads/2017/11/All-on-4-implantologie-Malo-Klinik-Freesmile-thumb-160x160.jpeg
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 160x160, components 3\012- data
Hash e39ec978a9029dfd61d5dfe46aa97816
fcd41847c6ac0c4b72b43bceaed86c75a0f1bceb
23b5b4a08b4240eddac659b80f683a3d4aea9ec1b67eaef513c54779dc6392e3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2017/11/All-on-4-implantologie-Malo-Klinik-Freesmile-thumb-160x160.jpeg HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Wed, 10 Feb 2021 15:45:24 GMT
etag: "1343-5bafd4a9e87d6"
accept-ranges: bytes
content-length: 4931
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:51 GMT
referrer-policy:
access-control-allow-origin: *
content-type: image/jpeg
date: Sat, 10 Sep 2022 19:46:51 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/uploads/2018/03/PARODONTITIS-AUSKURIEREN-thumb-160x160.jpeg
93.95.216.126 200 OK 5.5 kB URL HTTP/2 restyle.freesmile.com/wp-content/uploads/2018/03/PARODONTITIS-AUSKURIEREN-thumb-160x160.jpeg
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 160x160, components 3\012- data
Hash e857ec4e27b31224401e78e7b71877d9
5a0bb69dc359a5823b679737c3c3ccc821d0e770
873185c167f9e210b07a3805ae86ef43c4aa4ea7ab13555a900ed7181b1524ec
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2018/03/PARODONTITIS-AUSKURIEREN-thumb-160x160.jpeg HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Wed, 10 Feb 2021 15:45:12 GMT
etag: "1574-5bafd49de9188"
accept-ranges: bytes
content-length: 5492
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:51 GMT
referrer-policy:
access-control-allow-origin: *
content-type: image/jpeg
date: Sat, 10 Sep 2022 19:46:51 GMT
server: Apache
X-Firefox-Spdy: h2
servlet01.toctoc.me/socket.io/?EIO=3&transport=polling&t=OCey9wJ
37.187.149.197 200 OK 101 B URL HTTP/1.1 servlet01.toctoc.me/socket.io/?EIO=3&transport=polling&t=OCey9wJ
IP 37.187.149.197:0
Hash 5658c6a16798f247419e94d400031b7b
82fb1f055447800ec0485f3798018e4f9aea5f67
40f9630b67f0bb826b35d1cbc8bd85995f401d996677ad7fe6c6176475d7c6a5
GET /socket.io/?EIO=3&transport=polling&t=OCey9wJ HTTP/1.1
Host: servlet01.toctoc.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://restyle.freesmile.com
Connection: keep-alive
Referer: https://restyle.freesmile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 101
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://restyle.freesmile.com
Set-Cookie: io=kYBKq1ZiMC09yUuXAl87; Path=/; HttpOnly
Date: Sat, 10 Sep 2022 19:46:52 GMT
Connection: keep-alive
servlet01.toctoc.me/socket.io/?EIO=3&transport=polling&t=OCey9-6&sid=kYBKq1ZiMC09yUuXAl87
37.187.149.197 200 OK 5 B URL HTTP/1.1 servlet01.toctoc.me/socket.io/?EIO=3&transport=polling&t=OCey9-6&sid=kYBKq1ZiMC09yUuXAl87
IP 37.187.149.197:0
Hash 7af80a3ef50f8ab70677275473b1b1b8
bbddc27df3428bce641ace40dbd9afc0cd9ad583
25d989b3ed89abc5bb5a814c257dc57619d7f45908013cd08aa508c22e4f6a0a
GET /socket.io/?EIO=3&transport=polling&t=OCey9-6&sid=kYBKq1ZiMC09yUuXAl87 HTTP/1.1
Host: servlet01.toctoc.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://restyle.freesmile.com
Connection: keep-alive
Referer: https://restyle.freesmile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 5
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://restyle.freesmile.com
Set-Cookie: io=kYBKq1ZiMC09yUuXAl87; Path=/; HttpOnly
Date: Sat, 10 Sep 2022 19:46:52 GMT
Connection: keep-alive
servlet01.toctoc.me/socket.io/?EIO=3&transport=websocket&sid=kYBKq1ZiMC09yUuXAl87
37.187.149.197 101 Switching Protocols 0 B URL HTTP/1.1 servlet01.toctoc.me/socket.io/?EIO=3&transport=websocket&sid=kYBKq1ZiMC09yUuXAl87
IP 37.187.149.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?EIO=3&transport=websocket&sid=kYBKq1ZiMC09yUuXAl87 HTTP/1.1
Host: servlet01.toctoc.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://restyle.freesmile.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: P1BGJTmWCe2YI5g0MN+lzg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Upgrade: websocket
Connection: Upgrade
Sec-WebSocket-Accept: CV7yIYi6uoiUfxjjWP6k0d6+PDg=
Sec-WebSocket-Extensions: permessage-deflate
restyle.freesmile.com/wp-content/uploads/2018/03/toronto-bridge-thumb.jpeg
93.95.216.126 200 OK 104 kB URL HTTP/2 restyle.freesmile.com/wp-content/uploads/2018/03/toronto-bridge-thumb.jpeg
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 600x600, components 3\012- data
Size 104 kB (103804 bytes)
Hash 14f44b6ccc89f3101e8761b278ef0fb0
ef9433c4177aaa84a18329f36d3623a8d20eb862
19650cdd6569a96ce8f5cc5a8ba395ec700965d4da27ef50d93bfc33453a0d79
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2018/03/toronto-bridge-thumb.jpeg HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Wed, 07 Mar 2018 13:43:31 GMT
etag: "1957c-566d2bea1e6c0"
accept-ranges: bytes
content-length: 103804
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:51 GMT
referrer-policy:
access-control-allow-origin: *
content-type: image/jpeg
date: Sat, 10 Sep 2022 19:46:51 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/uploads/2021/02/shutterstock_272306351-dark-1200x818-1.jpg
93.95.216.126 200 OK 26 kB URL HTTP/2 restyle.freesmile.com/wp-content/uploads/2021/02/shutterstock_272306351-dark-1200x818-1.jpg
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 35", baseline, precision 8, 1200x818, components 3\012- data
Hash 924951c7de9e673ee08e9cb7bcd92b75
c63571b1630a65392fbeb88b5661d9c086587325
b0941ecb1f18d51e7c5f2daf99a23c4ac37c15a1e9581dd4b49cad8e2fd4862a
GET /wp-content/uploads/2021/02/shutterstock_272306351-dark-1200x818-1.jpg HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Tue, 02 Feb 2021 13:11:52 GMT
etag: "66c1-5ba5a36c25d11"
accept-ranges: bytes
content-length: 26305
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:51 GMT
referrer-policy:
access-control-allow-origin: *
content-type: image/jpeg
date: Sat, 10 Sep 2022 19:46:51 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/themes/medicare/fonts/Pe-icon-7-stroke.woff?d7yf1v
93.95.216.126 200 OK 59 kB URL HTTP/2 restyle.freesmile.com/wp-content/themes/medicare/fonts/Pe-icon-7-stroke.woff?d7yf1v
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type Web Open Font Format, TrueType, length 58556, version 1.0\012- data
Hash b38ef310874bdd008ac14ef3db939032
7e544bb11b7655998db6f324c612f7ffbf0ab66e
6fb4217048f333e23e0fd0ba2ab05e05fd7500f86a5a80a7cf04a2f94b257bec
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/medicare/fonts/Pe-icon-7-stroke.woff?d7yf1v HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://restyle.freesmile.com/wp-content/themes/medicare/style.css
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
etag: "e4bc-5ba47c515e30a"
accept-ranges: bytes
content-length: 58556
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:51 GMT
vary: Accept-Encoding,User-Agent
referrer-policy:
access-control-allow-origin: *
content-type: application/font-woff
date: Sat, 10 Sep 2022 19:46:51 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-content/themes/medicare/fonts/fontawesome-webfont.woff2?v=4.5.0
93.95.216.126 200 OK 77 kB URL HTTP/2 restyle.freesmile.com/wp-content/themes/medicare/fonts/fontawesome-webfont.woff2?v=4.5.0
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /wp-content/themes/medicare/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://restyle.freesmile.com/wp-content/themes/medicare/style.css
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
etag: "12d68-5ba47c51569f1"
accept-ranges: bytes
content-length: 77160
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:51 GMT
vary: Accept-Encoding,User-Agent
referrer-policy:
access-control-allow-origin: *
content-type: application/font-woff2
date: Sat, 10 Sep 2022 19:46:51 GMT
server: Apache
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js
142.250.74.163 200 OK 157 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (539)
Size 157 kB (157166 bytes)
Hash 026df0dfed2314af108e700900288961
51c2a55bca7d65c549ef138d1294cac2aa98dd96
24eefc59f5d298ce40bdd33c8157ad14631984159fca8e5980037366c44c2b34
GET /recaptcha/releases/g8G8cw32bNQPGUVoDvt680GA/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://restyle.freesmile.com
Connection: keep-alive
Referer: https://restyle.freesmile.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 157166
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 17:23:20 GMT
expires: Wed, 06 Sep 2023 17:23:20 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 06 Sep 2022 00:04:24 GMT
content-type: text/javascript
age: 354212
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-admin/admin-ajax.php?action=pys_get_gdpr_filters_values
93.95.216.126 200 OK 104 B URL HTTP/2 restyle.freesmile.com/wp-admin/admin-ajax.php?action=pys_get_gdpr_filters_values
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type JSON data\012- , ASCII text, with no line terminators
Hash d294ac654710be62e073efc681ad4725
495fe6df65a043524fd0f4b0bd440ab70805395b
710051aaaa682b717a01cd220bc448d53eb47c2634c14ff7086ebf5427bd49b7
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/admin-ajax.php?action=pys_get_gdpr_filters_values HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
p3p: CP="NOI"
pragma: no-cache
x-robots-tag: noindex
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
vary: Accept-Encoding,User-Agent
content-encoding: gzip
access-control-allow-origin: *
content-length: 104
content-type: application/json; charset=UTF-8
date: Sat, 10 Sep 2022 19:46:51 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/favicon.ico
93.95.216.126 302 Found 0 B URL HTTP/2 restyle.freesmile.com/favicon.ico
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; 0ffa50dce26ba9013e5c7542161e7478={"u_c":"169f2e71-8290-d87c-ca4e-c624ab15f86d","u_t":"user","u_v":1,"d_f":1662839201,"d_l":1662839201}; 0ffa50dce26ba9013e5c7542161e7478.tmp={"w_o":1,"g_l":"13bca81b74c91abf275dbb511dbc5723","l_m":0,"l_c":0}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://restyle.freesmile.com/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
vary: Accept-Encoding,User-Agent
location: https://restyle.freesmile.com/wp-includes/images/w-logo-blue-white-bg.png
referrer-policy:
access-control-allow-origin: *
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 10 Sep 2022 19:46:52 GMT
server: Apache
X-Firefox-Spdy: h2
restyle.freesmile.com/wp-includes/images/w-logo-blue-white-bg.png
93.95.216.126 200 OK 4.1 kB URL HTTP/2 restyle.freesmile.com/wp-includes/images/w-logo-blue-white-bg.png
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 000bf649cc8f6bf27cfb04d1bcdcd3c7
d73d2f6d74ec6cdcbae07955592962e77d8ae814
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
Connection: keep-alive
Cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-non-necessary=yes; 0ffa50dce26ba9013e5c7542161e7478={"u_c":"169f2e71-8290-d87c-ca4e-c624ab15f86d","u_t":"user","u_v":1,"d_f":1662839201,"d_l":1662839201}; 0ffa50dce26ba9013e5c7542161e7478.tmp={"w_o":1,"g_l":"13bca81b74c91abf275dbb511dbc5723","l_m":0,"l_c":0}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,User-Agent
last-modified: Mon, 01 Feb 2021 17:09:14 GMT
etag: "1017-5ba4969d3d63e"
accept-ranges: bytes
content-length: 4119
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 19:46:53 GMT
referrer-policy:
access-control-allow-origin: *
content-type: image/png
date: Sat, 10 Sep 2022 19:46:53 GMT
server: Apache
X-Firefox-Spdy: h2
admin.toctoc.me/api/servlet/?customercode=0ffa50dce26ba9013e5c7542161e7478
45.60.1.107 200 OK 0 B URL HTTP/2 admin.toctoc.me/api/servlet/?customercode=0ffa50dce26ba9013e5c7542161e7478
IP 45.60.1.107:0
GET /api/servlet/?customercode=0ffa50dce26ba9013e5c7542161e7478 HTTP/1.1
Host: admin.toctoc.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://restyle.freesmile.com
Connection: keep-alive
Referer: https://restyle.freesmile.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 19:46:52 GMT
server: Apache
strict-transport-security: max-age=63072000; includeSubdomains;
x-xss-protection: 1; mode=block
access-control-allow-origin: *
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
x-content-type-options: nosniff
content-security-policy: default-src 'self'; img-src 'self' https://*.toctoc.me https://www.google-analytics.com https://cdn.datatables.net https://cdnjs.cloudflare.com data:; style-src 'self' 'unsafe-inline' https://*.toctoc.me https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://use.fontawesome.com https://cdn.datatables.net https://cdnjs.cloudflare.com; font-src 'self' https://fonts.gstatic.com https://use.fontawesome.com https://maxcdn.bootstrapcdn.com data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.toctoc.me https://ajax.googleapis.com https://code.jquery.com https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.datatables.net; connect-src 'self' https://www.google-analytics.com wss://*.toctoc.me https://*.toctoc.me https://cdn.datatables.net; object-src 'self' data:; media-src 'self' https://*.toctoc.me blob: polyblob:; frame-src 'self' https://www.openstreetmap.org;
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=moo7k5qqg2dr0f76vlhtg09c71; path=/; secure; HttpOnly
visid_incap_2809911=VNBOAqeFSLac3tDPkjEAzKvpHGMAAAAAQUIPAAAAAAAu1tIl+EiaXfouFfLEpDgP; expires=Sat, 09 Sep 2023 22:14:29 GMT; HttpOnly; path=/; Domain=.toctoc.me
nlbi_2809911=gud/QfRrxxAfCdf2w5rXKwAAAACnjQHQU7bZrQZZtppqLxCV; path=/; Domain=.toctoc.me
incap_ses_275_2809911=dvnxBw9BeW505R0XhP/QA6vpHGMAAAAA7/20+K+AJQxHrDGS8OqdJQ==; path=/; Domain=.toctoc.me
x-cdn: Imperva
content-encoding: gzip
x-iinfo: 13-46460879-46460882 NNYN CT(42 98 0) RT(1662839211151 27) q(0 0 2 1) r(2 2) U12
X-Firefox-Spdy: h2
agent.toctoc.me/script/ring_user.mp3
37.187.149.195 206 Partial Content 0 B URL HTTP/1.1 agent.toctoc.me/script/ring_user.mp3
IP 37.187.149.195:0
GET /script/ring_user.mp3 HTTP/1.1
Host: agent.toctoc.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://restyle.freesmile.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Date: Sat, 10 Sep 2022 19:46:52 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Last-Modified: Mon, 01 Feb 2016 21:42:56 GMT
Accept-Ranges: bytes
Content-Length: 148920
Cache-Control: max-age=2419200, public
Expires: Sat, 08 Oct 2022 19:46:52 GMT
Vary: Accept-Encoding
Content-Range: bytes 0-148919/148920
Connection: close
Content-Type: audio/mpeg
restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
93.95.216.126 200 OK 0 B URL HTTP/2 restyle.freesmile.com/de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/
IP 93.95.216.126:0
ASN #52030 Server Plan S.r.l.
Analyzer Verdict Alert fortinet Phishing
GET /de/implantologie/toronto-bridge-und-all-four-brucke-auf-4-implantaten/ HTTP/1.1
Host: restyle.freesmile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://restyle.freesmile.com/de/wp-json/>; rel="https://api.w.org/", <https://restyle.freesmile.com/de/wp-json/wp/v2/posts/6645/>; rel="alternate"; type="application/json", <https://restyle.freesmile.com/de/?p=6645>; rel=shortlink
set-cookie: PHPSESSID=d143638fcc527c9fd1368abb157de8d5; path=/
cookielawinfo-checkbox-necessary=yes; expires=Sat, 10-Sep-2022 20:46:48 GMT; Max-Age=3600; path=/
cookielawinfo-checkbox-non-necessary=yes; expires=Sat, 10-Sep-2022 20:46:48 GMT; Max-Age=3600; path=/
vary: Accept-Encoding,User-Agent
content-encoding: gzip
referrer-policy:
access-control-allow-origin: *
content-type: text/html; charset=UTF-8
date: Sat, 10 Sep 2022 19:46:47 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Source+Sans+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CSource+Sans+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CSource+Sans+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CSource+Sans+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CSource+Sans+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic&subset=latin%2Clatin-ext
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CSource+Sans+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CSource+Sans+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CSource+Sans+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CSource+Sans+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic&subset=latin%2Clatin-ext
IP 142.250.74.10:0
GET /css?family=Source+Sans+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CSource+Sans+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CSource+Sans+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CSource+Sans+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CSource+Sans+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://restyle.freesmile.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 10 Sep 2022 19:46:48 GMT
date: Sat, 10 Sep 2022 19:46:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2