balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg.html
301 Moved Permanently 707 B URL HTTP/1.1 balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Malware
GET /about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg.html HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Fri, 23 Dec 2022 14:54:51 GMT
server: LiteSpeed
location: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
vary: User-Agent
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7e300ca7d2d586dd1ca0c185ef6b0da5
3914cfd3b7aa6e1d1117bf509319479e489ed2a4
91c8810ad137faf4393f7d15f9c619c06d124a7aaebfa21290dca614db2c7757
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "91C8810AD137FAF4393F7D15F9C619C06D124A7AAEBFA21290DCA614DB2C7757"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13799
Expires: Fri, 23 Dec 2022 18:44:50 GMT
Date: Fri, 23 Dec 2022 14:54:51 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d6a971d765338f107fe9d2c67fa4bbdf
a72bdf191446a37fa0420cc9d7c087aaff757cd6
dc5291c136b0b81621a02679a31f6b7c852e2803429d54c2a9afcc8edf031328
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC5291C136B0B81621A02679A31F6B7C852E2803429D54C2A9AFCC8EDF031328"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10337
Expires: Fri, 23 Dec 2022 17:47:08 GMT
Date: Fri, 23 Dec 2022 14:54:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 23 Dec 2022 14:46:09 GMT
content-type: application/json
age: 522
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 32167242c3bbe7e45a2a865279df94a6
d03436f418ff77d50a553daa892c05e0725ba908
d5578d537296da18f3f349a98465e9fe930dca60a8ed62c183e9c9f6eb53f493
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D5578D537296DA18F3F349A98465E9FE930DCA60A8ED62C183E9C9F6EB53F493"
Last-Modified: Wed, 21 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2364
Expires: Fri, 23 Dec 2022 15:34:15 GMT
Date: Fri, 23 Dec 2022 14:54:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8DpleOHARDzDdXT3Lp3coczGxysARYXaS6bW1+9D24jLhamSQeStu+NUnfN9YTfMaNKZrCuyQDo=
x-amz-request-id: D8Y2PSSPHSPHCBDB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 23 Dec 2022 14:54:06 GMT
age: 45
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 14:54:51 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
404 Not Found 18 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13002), with CRLF, LF line terminators
Hash c2cc17ac44c05cdf412259cefd6dd441
1a66a7d6b77bec16f01e26210169dd0c741afb4c
93b2b7f7578e68123274eaa1cf236d1086fe4c524d72466d407d391d1c779e3b
Analyzer Verdict Alert fortinet Malware
GET /about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://balanceepigeneticorthodontics.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: miss
content-length: 18021
content-encoding: gzip
vary: Accept-Encoding,User-Agent
date: Fri, 23 Dec 2022 14:54:51 GMT
server: LiteSpeed
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 23 Dec 2022 14:33:25 GMT
age: 1287
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
balanceepigeneticorthodontics.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
200 OK 12 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP
File type ASCII text, with very long lines (47826)
Hash 45b3843596f3eda24398e2c1f68ee268
4ad9a0e6ed85ca57c5d134aa5ca546e19910640d
f2784720bca9efcc4c4c3ab35d5fa3b523eb1915acc04a53273559907d352e36
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: text/css
last-modified: Wed, 16 Nov 2022 05:57:16 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 12489
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b607f3e2facf61a8586563ae137d81eb
fc07f3f509b1a8f592efe951cc92bc07f307609d
68fef95cdc9deeb6a115e2869f3420a1e62dc7a64fd270f84c437bcc04642cd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 14:54:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Open+Sans%3A800i%2C800%2C700i%2C700%2C600i%2C600%2C400i%2C400%2C300i%2C300%26subset%3Dvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic&ver=1.0.0
200 OK 1.1 kB URL HTTP/1.1 fonts.googleapis.com/css?family=Open+Sans%3A800i%2C800%2C700i%2C700%2C600i%2C600%2C400i%2C400%2C300i%2C300%26subset%3Dvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic&ver=1.0.0
IP
Hash 7d5978eb65ebf46f535000aeb7b83d11
d64c84281e4ca0605a4f4cc201edd15c2328a7f7
fffe03db40fdc7db46668277add134eb4886f80caa9faf08b9ca8360908e3ebd
GET /css?family=Open+Sans%3A800i%2C800%2C700i%2C700%2C600i%2C600%2C400i%2C400%2C300i%2C300%26subset%3Dvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic%2Cvietnamese%2Clatin-ext%2Cgreek-ext%2Cgreek%2Ccyrillic-ext%2Ccyrillic&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 23 Dec 2022 14:54:52 GMT
Date: Fri, 23 Dec 2022 14:54:52 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/css/grid.min.css?ver=6.1.1
200 OK 1.9 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/css/grid.min.css?ver=6.1.1
IP
File type ASCII text, with very long lines (12282), with no line terminators
Hash b967176734b9c258af3048cae5204f82
fc2c1e9ee59f424f44000d5bdea8a3f3d176c829
1fd49e8270863d6583996d7f9761f019552ee31430880f960b2ca6e1e732fe45
GET /wp-content/themes/norebro/assets/css/grid.min.css?ver=6.1.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 16:30:28 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 1850
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
www.demandforce.com/widget/css/widget.css
301 Moved Permanently 326 B URL HTTP/1.1 www.demandforce.com/widget/css/widget.css
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f28f0fb9d51d8e331c51da566736f405
d6f878209c569a9f9d8af8f4cfba29bedbb3d9df
ec49c0a724212b2ae383dfc397ebcd9f00d00c062c398579f5e97f4e4deaeb63
GET /widget/css/widget.css HTTP/1.1
Host: www.demandforce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
HTTP/1.1 301 Moved Permanently
Date: Fri, 23 Dec 2022 14:54:52 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://www.demandforce.com/widget/css/widget.css
Vary: Accept-Encoding
CF-Cache-Status: HIT
Expires: Fri, 23 Dec 2022 18:54:52 GMT
Cache-Control: public, max-age=14400
Server: cloudflare
CF-RAY: 77e1ef5768dbb518-OSL
balanceepigeneticorthodontics.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
200 OK 4.2 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
File type ASCII text, with very long lines (11126)
Hash c41f3a82e911de81a1817131069bc7d2
1e883290a0b794916cead41e5f0705716fd77b89
e9791f24770f098ea30bb4d25e2e10bdedb97132d0bbf7d2bd79eedac22efa27
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 14:36:06 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 4168
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-includes/css/classic-themes.min.css?ver=1
200 OK 188 B URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-includes/css/classic-themes.min.css?ver=1
IP
Hash 8ac085745a5bcc97c54f8088973df029
4e065566e82d4623d0f5b4d9275d3ee29e15acd1
a0b69c3418ce7d86bcd33d370dec1ba31f2d9c143d932f52de7c4f98427a813f
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 05:47:35 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 188
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
200 OK 5.0 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
File type ASCII text, with very long lines (15660)
Hash 848f9aadf194f3d024a2a90dbd11e3b5
aecd4b03b5a7829c6ca015d926798dc95e4fa912
36ff79b2f6827e46be1df95ff739e536718c0ee4fc09462678b32d7abd60fc6c
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 11:26:24 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 5021
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.1
200 OK 995 B URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.1
IP
Hash 31fbd21f33f377b20dfd23858b3d6c36
411fb366aa169e2343b03e1d46d2b3eeca1831d2
7206ade2601b87b9aaa35be4ceaa86d474c398d11479a9e46f27cf2b571a28b8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: text/css
last-modified: Sat, 17 Dec 2022 19:47:20 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 995
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
ocsp.digicert.com/
200 OK 471 B IP
Hash c615c937e6371bda0824b44af0c21c74
b097d69452bcc60085f563d094388185c26f0e7d
9f1194921b5d57dd52a217a47e69ad4cec7c08378c73c8dfccc3817119fcbb41
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5502
Cache-Control: max-age=157417
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 14:54:52 GMT
Etag: "63a56fa7-1d7"
Expires: Sun, 25 Dec 2022 10:38:29 GMT
Last-Modified: Fri, 23 Dec 2022 09:06:47 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
balanceepigeneticorthodontics.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
200 OK 31 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
File type ASCII text, with very long lines (65447)
Hash cc5a8bfbf7d31fbc3022dc05e964a95c
81edda48c2c2c97bf79dea1ec91b89105e4ba00b
651c822702a9ac476c260fd37dccab6c3da8306ff6dd922e9d68cfa7863bfe42
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 05:47:36 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 31046
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-content/themes/norebro-child/style.css?ver=1.2.0
200 OK 599 B URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro-child/style.css?ver=1.2.0
IP
File type ASCII text, with CRLF line terminators
Hash 44334824710c2a096a0c6b4450768edb
8a81619a9ccac4ce5aedfbeeec3c73e8a5980f6b
276dfdf512491ac744dcf02d26bdff3ced312189cc464a85a3492aca13fdee19
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/norebro-child/style.css?ver=1.2.0 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 16:31:04 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 599
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/css/aos.css?ver=6.1.1
200 OK 2.2 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/css/aos.css?ver=6.1.1
IP
File type ASCII text, with very long lines (25948), with no line terminators
Hash 9642b2bea9f59a2e0bc7407015351335
49a874e8db68eac8f1d851b8d7e94e5866b9651e
a2dfe701e9b4a28aaab0280556d748280d14ffe19a591541858ebeab8bd737c9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/norebro/assets/css/aos.css?ver=6.1.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 16:30:28 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 2223
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/css/ionicons.min.css?ver=6.1.1
200 OK 8.3 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/css/ionicons.min.css?ver=6.1.1
IP
File type Unicode text, UTF-8 text, with very long lines (50851)
Hash b3729c58bad09d820d1d7359aa33dbd6
89c22368b74c18bd1d0c23c3329978c8381f6775
81faf8e2ad5b847e2519bf65d300d4da516c97433e7da06311545811dbdd60a5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/norebro/assets/css/ionicons.min.css?ver=6.1.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 16:30:28 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 8262
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/fonts/fa/css/fontawesome.min.css?ver=6.1.1
200 OK 13 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/fonts/fa/css/fontawesome.min.css?ver=6.1.1
IP
File type ASCII text, with very long lines (58301)
Hash 1e10e489c37e0af53a976426df227e23
2b526479d6377d0c11e00fd6c77d736e2d07ff61
7f5ea936bfbfec4771790317284f671e76a91f2a66ebf11ad728f72ea0be93f2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/norebro/assets/fonts/fa/css/fontawesome.min.css?ver=6.1.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 16:30:28 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 12600
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-content/themes/norebro/style.css?ver=6.1.1
200 OK 76 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/style.css?ver=6.1.1
IP
File type assembler source, ASCII text, with very long lines (867)
Hash 19c93f6594725445d67209314591373b
3858d7fed46fa4f2046bdd9a2732ee5a0a40f9fd
a94504812190a0100404d16bebb552ba5fa666b429152dbb3d694f6f97e07570
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/norebro/style.css?ver=6.1.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: text/css
last-modified: Wed, 16 Feb 2022 16:30:32 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 75946
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash f749dc700a7fa1d681dba5fbb621049b
6dce438c8460139b20c6ce6d8adcd9a2e501ad03
07bde7d791de3fc6ee6e1a0f466c5187170cc40d95871bc9bd63219ddf04fed7
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=157700
Date: Fri, 23 Dec 2022 14:54:52 GMT
Etag: "63a57c5e-1d7"
Expires: Sun, 25 Dec 2022 10:43:12 GMT
Last-Modified: Fri, 23 Dec 2022 10:01:02 GMT
Server: ECS (dcb/7EEE)
X-Cache: Miss from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nZf4HimHI1Bv8BfR3mEGw2TlCRzKzXhcZ6oosy8Qd7ginMFS4-GwCA==
Age: 2530
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 49374a31eb1125644ceefa7d17583fc5
0c9ae6933cf0c5fd2b1fa13dc1b8c08f92bee6a9
85a8cbef54a80af67ebea71a48ed697897b432c3bffdf6635fbd348dbdb4c2f6
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 74
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 23 Dec 2022 14:54:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1776
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 22 Dec 2022 21:12:02 GMT
Expires: Fri, 23 Dec 2022 21:12:02 GMT
ETag: "0c9ae6933cf0c5fd2b1fa13dc1b8c08f92bee6a9"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
balanceepigeneticorthodontics.com/wp-content/plugins/slider-revolution/public/assets/css/rs6.css?ver=6.5.25
200 OK 12 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/plugins/slider-revolution/public/assets/css/rs6.css?ver=6.5.25
IP
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash ffb77e1068f394546172fe07f63b57e3
7f50c1c0cbfbc38933933cc8cefe40856b39d230
10a040d653c1c253bd6bc4dc3555d4fe49283f745c0a34f24c313857e2ef4b5f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/slider-revolution/public/assets/css/rs6.css?ver=6.5.25 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: text/css
last-modified: Mon, 08 Aug 2022 17:45:02 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 12522
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.1
200 OK 3.0 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.1
IP
File type ASCII text, with very long lines (10565), with no line terminators
Hash 0673e7e3ff602fbf7abf8f06e158beeb
3b3ef5976363007beb22cbb5b858495278fde81f
97815e1e2325d8b0dafa2fd1160481fd56dd327925852a70fe80a8d847605a5e
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Sat, 17 Dec 2022 19:47:20 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 3047
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.1
200 OK 4.1 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.1
IP
File type HTML document, ASCII text, with very long lines (12652), with no line terminators
Hash 06aa04bc71f0b8f1c7bd1a08685e7aaa
5d8a56f8e80b347072968dc59613f07e22d089e0
e47d09865d5f028aab31c5312606be533eb61fcce601ec6f79ada41112dcf35a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Sat, 17 Dec 2022 19:47:20 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 4071
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: k9jTpptF4pPTVmDQSMs1bg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: T0Ne55qnYaAFYRTmdpLxGQf+wCs=
balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/js/woocommerce-hack.js?ver=6.1.1
200 OK 2.6 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/js/woocommerce-hack.js?ver=6.1.1
IP
Hash b756ebe418e2b3c0520058ddd66b9893
b1a843c4975dd742fcdae043f64caf7271976ea3
76f7bcd59cd640f70257f00a85200dbc5e54f8b653719b345ff48ced0758b7e3
GET /wp-content/themes/norebro/assets/js/woocommerce-hack.js?ver=6.1.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Wed, 16 Feb 2022 16:30:32 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 2560
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
dni.logmycalls.com/dni.js?app_id=CT
200 OK 9.9 kB URL HTTP/1.1 dni.logmycalls.com/dni.js?app_id=CT
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type exported SGML document, ASCII text, with very long lines (9867), with no line terminators
Hash ced6ccfdc6a78dc6af7699bca0f7ddcc
5d6f35c34bdf5ad5143654f58e6c8a257677f944
31727cbf910529ec8a9419a97062d31a19f227ce859aff89abf369293fc0dcf5
GET /dni.js?app_id=CT HTTP/1.1
Host: dni.logmycalls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Status: 200 OK
X-DNS-Prefetch-Control: off
Access-Control-Allow-Origin: *
Date: Fri, 23 Dec 2022 14:54:52 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Permitted-Cross-Domain-Policies: none
Expect-CT: max-age=0
X-XSS-Protection: 0
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Powered-By: Phusion Passenger(R) 6.0.15
Server: nginx/1.14.0 + Phusion Passenger(R) 6.0.15
ocsp.digicert.com/
200 OK 280 B IP
Hash 5bbbe997ad7dda55cefe3f369288dfd8
10afc4bcba85bb75610e44999a479883f11ee3d3
61e0b0c3c252a37d1059bb43be690fc0e430ee5eac89ed72f60ad3283d31d8d7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 14:54:52 GMT
Etag: "63a3d24e-117"
Server: ECS (amb/6B97)
Content-Length: 280
balanceepigeneticorthodontics.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
200 OK 1.8 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP
File type ASCII text, with very long lines (5477)
Hash 5bc847fcae1a1a6c4b7f79c00d2b7e29
b2237db0dd679c2c8e397e833f04df00d43165e7
bfa7a74e5830c0c26da7ccc50b8e44b401ce1ee8604fceb62e6c1310c47ddb2a
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Sun, 14 Jun 2020 00:23:28 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 1831
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-includes/js/masonry.min.js?ver=4.2.2
200 OK 7.4 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-includes/js/masonry.min.js?ver=4.2.2
IP
File type ASCII text, with very long lines (23966)
Hash c64ef876a5380269bf01eee5dc898d2c
ec456158fe4cf279a2ce25a613fc97202acf2b87
6a084e003863350fb53e74d1b75d732cdfd0489a8f1b15907b406f64a40c95be
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Sun, 14 Jun 2020 00:23:28 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 7376
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
200 OK 715 B URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
IP
File type ASCII text, with very long lines (1626)
Hash 46cfee7a6b6ed76c0fd609b98415e886
27a59318b05327183e1b7807e2071626f4a08419
21245efcfeb0ee1d850f895f472eca45c5d471e10f03e8f10e826218be1c356a
GET /wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Fri, 19 Aug 2016 00:25:30 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 715
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-content/plugins/slider-revolution/public/assets/js/rbtools.min.js?ver=6.5.18
200 OK 49 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/plugins/slider-revolution/public/assets/js/rbtools.min.js?ver=6.5.18
IP
File type ASCII text, with very long lines (45108), with CRLF line terminators
Hash 48bb4c7f2e930b77a14a7b4b864699e9
d59f7f01e0ded74b188bf1f04dbaa0d84312325c
f12f65abd29d322e6e8ddefc6935c9fd841b1f90b7769ef0b97fea985dc816e8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/slider-revolution/public/assets/js/rbtools.min.js?ver=6.5.18 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 17:45:02 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 48944
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
firebasestorage.googleapis.com/v0/b/deardoc-embed-codes.appspot.com/o/Balance%20Epigenetic%20Orthodontics%2FBalance%20Epigenetic%20Orthodontics%20-%20David%20Buck%2Fcode.js?alt=media&token=fc4ec38f-2fc3-4c51-a74f-84b34c7db37e
200 OK 1.7 kB URL HTTP/2 firebasestorage.googleapis.com/v0/b/deardoc-embed-codes.appspot.com/o/Balance%20Epigenetic%20Orthodontics%2FBalance%20Epigenetic%20Orthodontics%20-%20David%20Buck%2Fcode.js?alt=media&token=fc4ec38f-2fc3-4c51-a74f-84b34c7db37e
IP
File type ASCII text, with very long lines (1709), with no line terminators
Hash df4e0385a60b253cb14b07d4f1240f8c
3212a60537e3455f7d5b319f4ebb840b44569859
40758cf86ddb7e6919e0042e69961c9393b71c18e21af6a47b5aed2be4f60144
GET /v0/b/deardoc-embed-codes.appspot.com/o/Balance%20Epigenetic%20Orthodontics%2FBalance%20Epigenetic%20Orthodontics%20-%20David%20Buck%2Fcode.js?alt=media&token=fc4ec38f-2fc3-4c51-a74f-84b34c7db37e HTTP/1.1
Host: firebasestorage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvrAIFcjxXnTuSjzn4AbHF_7ILc4tx_0ULz8kI9vcNxtD6amJ4qKykKSLyWK0wRTdhDPGsxsZRXVFOkyq0wVkiCQqCXRruz
expires: Fri, 23 Dec 2022 14:54:52 GMT
date: Fri, 23 Dec 2022 14:54:52 GMT
cache-control: private, max-age=0
last-modified: Wed, 21 Dec 2022 21:22:44 GMT
etag: "df4e0385a60b253cb14b07d4f1240f8c"
x-goog-generation: 1671657764130909
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1709
x-goog-meta-firebasestoragedownloadtokens: 67366063-bae2-472c-8b61-d9a4289c9600
content-type: text/javascript
content-disposition: inline; filename*=utf-8''code.js
x-goog-hash: crc32c=Baxc1Q==, md5=304DhaYLJTyxSwfU8SQPjA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 1709
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
balanceepigeneticorthodontics.com/wp-includes/js/underscore.min.js?ver=1.13.4
200 OK 7.3 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-includes/js/underscore.min.js?ver=1.13.4
IP
File type ASCII text, with very long lines (18798)
Hash 0c9eb324833063b3a6a228188ad9d13b
bbb190b8d2486021226d46c78760f08939091642
d51a7349f49dc8eb8ace6c9100379db1c36fac3d981eaf008f8755d20b421632
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 05:47:36 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 7331
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b607f3e2facf61a8586563ae137d81eb
fc07f3f509b1a8f592efe951cc92bc07f307609d
68fef95cdc9deeb6a115e2869f3420a1e62dc7a64fd270f84c437bcc04642cd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 14:54:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/js/libs/aos.js?ver=6.1.1
200 OK 4.4 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/js/libs/aos.js?ver=6.1.1
IP
File type ASCII text, with very long lines (12537), with no line terminators
Hash f019306f65f7f0ad261bc292cdd031c2
66bd022c43e08bc074f2b3aef4c8e086924abe73
986fb70395a179818a0311e8492d82c93b4bdfcc0110974e24973af87f0a079d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/norebro/assets/js/libs/aos.js?ver=6.1.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Wed, 16 Feb 2022 16:30:30 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 4353
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.9.0
200 OK 10 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.9.0
IP
File type ASCII text, with very long lines (32004)
Hash ff3e2843e4763053c3b03331405478fc
1fb3b2858ea5b5214d3fe094605a37cd8550acce
59b1fa971d986adf33fd149014b2609e50f27f33fe3feafdf6307b60635d69a4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.9.0 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 17:45:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 9985
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/js/libs/jquery.mega-menu.min.js?ver=6.1.1
200 OK 4.0 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/js/libs/jquery.mega-menu.min.js?ver=6.1.1
IP
File type ASCII text, with very long lines (15661)
Hash f9cd000931604fc9d05d7a851a98aef2
0efc9cffbe045e966095ed0b294bcda5e743767c
3a467fd637cdfe95dc33a8c111ee8a3575a84582eab8657f52ab4c6c5b863bcc
GET /wp-content/themes/norebro/assets/js/libs/jquery.mega-menu.min.js?ver=6.1.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Wed, 16 Feb 2022 16:30:30 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 3957
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/js/navigation.js?ver=1.0.0
200 OK 1.2 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/js/navigation.js?ver=1.0.0
IP
Hash cdf749824266184df4443235fafc74ce
33008dfde3619bb5eda208ba1bfd3e18d8293309
29c5dea85d89c6fe6f000c347f514fa67fb765fd13747ef68c422ff830e30ed2
GET /wp-content/themes/norebro/assets/js/navigation.js?ver=1.0.0 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Wed, 16 Feb 2022 16:30:32 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 1167
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-content/plugins/slider-revolution/public/assets/js/rs6.min.js?ver=6.5.25
200 OK 102 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/plugins/slider-revolution/public/assets/js/rs6.min.js?ver=6.5.25
IP
File type ASCII text, with very long lines (64288)
Size 102 kB (102257 bytes)
Hash 854fb0d3ae424cb2aedb9b106e00542d
64e409b0c960c0f67978f3f8725973d08f71f15b
8787aa1817eaaf083d2c32807be4b0478ba74308c207e71d2ead8e5520caddaa
GET /wp-content/plugins/slider-revolution/public/assets/js/rs6.min.js?ver=6.5.25 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 17:45:02 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 102257
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/js/skip-link-focus-fix.js?ver=1.0.0
200 OK 489 B URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/js/skip-link-focus-fix.js?ver=1.0.0
IP
Hash 0f3f620723b9e2acdc5abd4e1f2e4e71
1bf39c083fa5c5a1f0619287454076a691ea0a51
367a5a9b89b6cdc611e4eee2286c27df47a49a8a96bd5acd4326d8848a143aa8
GET /wp-content/themes/norebro/assets/js/skip-link-focus-fix.js?ver=1.0.0 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Wed, 16 Feb 2022 16:30:32 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 489
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
www.demandforce.com/widget/css/widget.css
200 OK 10 kB URL HTTP/2 www.demandforce.com/widget/css/widget.css
IP
Hash 87b69eedf7b2340537fe02bd18f5e2fd
f222da253e75b85bf0d355b4273654e7d66bcf5c
fc10eac6b7d9ab3b05f6144a11d41d246994ffda5b5078c72d7eee885f375f58
GET /widget/css/widget.css HTTP/1.1
Host: www.demandforce.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://balanceepigeneticorthodontics.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 14:54:52 GMT
content-type: text/css
content-length: 10231
last-modified: Wed, 03 Apr 2019 20:10:34 GMT
etag: "9854-585a5d8a3b4a0"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
expires: Fri, 23 Dec 2022 18:54:52 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 77e1ef5b2dbbb50b-OSL
X-Firefox-Spdy: h2
cdn.oribi.io/Xy02NjU5MjM2NzU/oribi.js
301 Moved Permanently 167 B URL HTTP/1.1 cdn.oribi.io/Xy02NjU5MjM2NzU/oribi.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /Xy02NjU5MjM2NzU/oribi.js HTTP/1.1
Host: cdn.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 23 Dec 2022 14:54:52 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://cdn.oribi.io/Xy02NjU5MjM2NzU/oribi.js
X-Cache: Redirect from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Mnsp6OjlE8AoZCX5qdG_XXRwryDvUxv6DodzYOjgxJ879feyz9wjeA==
balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/js/libs/owl.carousel.min.js?ver=6.1.1
200 OK 11 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/js/libs/owl.carousel.min.js?ver=6.1.1
IP
File type ASCII text, with very long lines (32000)
Hash a887cebbad63de094ca671c2c39532c8
ebf38f6f34d0c03368cc5120cebc469edc964340
471b9524213fd20d992306836cd6d74c2c8e318d78e1fb18ee6186c9322ad008
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/norebro/assets/js/libs/owl.carousel.min.js?ver=6.1.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Wed, 16 Feb 2022 16:30:30 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 10951
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/js/main.js?ver=6.1.1
200 OK 20 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/js/main.js?ver=6.1.1
IP
Hash f8455331b66447563c00856bf0dd9ddd
c264bdd12b43db534479d60387cb8259005da622
28216511bf06fc814e8ee8933290b96ba699dbd35937349025ace2a4f58f0cbb
GET /wp-content/themes/norebro/assets/js/main.js?ver=6.1.1 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: application/javascript
last-modified: Wed, 16 Feb 2022 16:30:30 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 19859
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b4064cd37eb4b1ac411189b0a7427ab4
23d775267bf9350ab08b1b28580ee5593b146d61
dc9c41cc8379d77eaba4bccb038ccd4e3b9cde1571cfe0e102c91b01881e239f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 14:54:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-W27769H
404 Not Found 1.6 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-W27769H
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 151f57e36ef3209fba4d8d79ba1b64cd
8adaaa7dd6bf4c6f257bf656deb83d3ea641a38f
6cb7d087e2eaf9eacf97c7d8b33deb3e7af2f2ec1f79343745a627ef91efbf44
GET /gtm.js?id=GTM-W27769H HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
date: Fri, 23 Dec 2022 14:54:52 GMT
content-type: text/html; charset=UTF-8
server: Google Tag Manager
content-length: 1582
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/1.1 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://balanceepigeneticorthodontics.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 44856
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 19 Dec 2022 21:40:09 GMT
Expires: Tue, 19 Dec 2023 21:40:09 GMT
Cache-Control: public, max-age=31536000
Age: 321283
Last-Modified: Mon, 15 Aug 2022 18:20:18 GMT
Content-Type: font/woff2
balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/images/scroll-top.svg
200 OK 504 B URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/images/scroll-top.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 66c18e69f6bdb02ed50d000f267629de
b025792508454280d9f428df4f99459faff1f401
7f00bbfcb3df15fcafc9af9f331bf315faa985e2755a92222db3a1746b473fe9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/norebro/assets/images/scroll-top.svg HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: image/svg+xml
last-modified: Wed, 16 Feb 2022 16:30:30 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 504
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b4064cd37eb4b1ac411189b0a7427ab4
23d775267bf9350ab08b1b28580ee5593b146d61
dc9c41cc8379d77eaba4bccb038ccd4e3b9cde1571cfe0e102c91b01881e239f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 14:54:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.oribi.io/Xy02NjU5MjM2NzU/oribi.js
200 OK 3 B URL HTTP/2 cdn.oribi.io/Xy02NjU5MjM2NzU/oribi.js
IP
File type JSON data\012- , ASCII text
Hash 8a80554c91d9fca8acb82f023de02f11
5f36b2ea290645ee34d943220a14b54ee5ea5be5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
GET /Xy02NjU5MjM2NzU/oribi.js HTTP/1.1
Host: cdn.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://balanceepigeneticorthodontics.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=UTF-8
content-length: 3
date: Fri, 23 Dec 2022 14:54:52 GMT
cache-control: public, max-age=60
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Pe_2U3BYIYTNgsqH0e_YQUoLeeADBFnrZOxl0yXGkqdbIW3LqdJrag==
X-Firefox-Spdy: h2
balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/fonts/fa/webfonts/fa-solid-900.woff2
200 OK 80 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/fonts/fa/webfonts/fa-solid-900.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 80148, version 331.17301\012- data
Hash c500da19d776384ba69573ae6fe274e7
6290834672aba86d5b6c1c73b30b57c9c53996f7
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/norebro/assets/fonts/fa/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/fonts/fa/css/fontawesome.min.css?ver=6.1.1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:53 GMT
content-type: font/woff2
last-modified: Wed, 16 Feb 2022 16:30:28 GMT
accept-ranges: bytes
content-length: 80148
date: Fri, 23 Dec 2022 14:54:53 GMT
server: LiteSpeed
vary: User-Agent
balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/fonts/fa/webfonts/fa-brands-400.woff2
200 OK 77 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/fonts/fa/webfonts/fa-brands-400.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 77400, version 331.17301\012- data
Hash cac68c831145804808381a7032fdc7c2
62584b9868428fd75af3fc5ee2f9918dda428be5
1c87d2b26de7d55c66037916bbb4cba6c791da0e2adfa378332678ff13e12d9d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/norebro/assets/fonts/fa/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/fonts/fa/css/fontawesome.min.css?ver=6.1.1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:53 GMT
content-type: font/woff2
last-modified: Wed, 16 Feb 2022 16:30:28 GMT
accept-ranges: bytes
content-length: 77400
date: Fri, 23 Dec 2022 14:54:53 GMT
server: LiteSpeed
vary: User-Agent
balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/fonts/ionicons/ionicons.ttf?v=2.0.0
200 OK 109 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/fonts/ionicons/ionicons.ttf?v=2.0.0
IP
File type TrueType Font data, 15 tables, 1st "FFTM", 14 names, Macintosh\012- data
Size 109 kB (109188 bytes)
Hash dd0f9f2b8276e5dba2c6263792a03c56
3def20cac583e3bc367b3626608bd0f1f91aabe7
5e7ac037f8b9deedaa097a6ce952c75521cc92a5682022ff0b332227e50c9efd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/norebro/assets/fonts/ionicons/ionicons.ttf?v=2.0.0 HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/wp-content/themes/norebro/assets/css/ionicons.min.css?ver=6.1.1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:52 GMT
content-type: font/ttf
last-modified: Wed, 16 Feb 2022 16:30:30 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 109188
date: Fri, 23 Dec 2022 14:54:52 GMT
server: LiteSpeed
chimpstatic.com/mcjs-connected/js/users/35c9ceaeb5ce119bc2ce9d775/82525d81be479c7bca258a4c6.js
200 OK 50 B URL HTTP/1.1 chimpstatic.com/mcjs-connected/js/users/35c9ceaeb5ce119bc2ce9d775/82525d81be479c7bca258a4c6.js
IP
Hash 104d46a3208b40e8ded389332f5a78a3
4ab55ccb2972e9a3cb62c65c97308c2450a682bb
f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f
GET /mcjs-connected/js/users/35c9ceaeb5ce119bc2ce9d775/82525d81be479c7bca258a4c6.js HTTP/1.1
Host: chimpstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: WzY2nBZyiG5g1YwCHLyWp+wqcWwBWg/Kw7kYtYbTdvyahJ4k0VCzsI37IxJ3RtDFAayS80hb+xY=
x-amz-request-id: 4AN4VBJ8FHVA3SZK
Last-Modified: Wed, 06 Mar 2019 00:07:44 GMT
ETag: "104d46a3208b40e8ded389332f5a78a3"
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 50
X-EdgeConnect-MidMile-RTT: 6, 18, 17
X-EdgeConnect-Origin-MEX-Latency: 106, 97, 100
Cache-Control: max-age=1800
Expires: Fri, 23 Dec 2022 15:24:53 GMT
Date: Fri, 23 Dec 2022 14:54:53 GMT
Connection: keep-alive
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 7ec18de79114419fdce45deffa982afc
fb28d27513c216013e7aee81f438bb9bb211a706
b7e2e7fb3a5ffd7d2ad589dfb78984004eaa22c7e60e51ee8a2d0bcb34ccc296
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 23 Dec 2022 14:54:53 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 22 Dec 2022 20:42:08 GMT
Expires: Fri, 23 Dec 2022 20:42:08 GMT
ETag: "fb28d27513c216013e7aee81f438bb9bb211a706"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
balanceepigeneticorthodontics.com/wp-json/contact-form-7/v1/contact-forms/5/feedback/schema
200 OK 161 B URL HTTP/2 balanceepigeneticorthodontics.com/wp-json/contact-form-7/v1/contact-forms/5/feedback/schema
IP
File type JSON data\012- , ASCII text, with very long lines (391), with no line terminators
Hash 4b59e8f78ac752aebe87982d779b8e01
903355ec44fac9ba40d78497960b84f57a3fc2be
a2b8a38577ce996a1122fc90d484d7315f44c0b98177a4ce56c70f529ebe5aa9
Analyzer Verdict Alert fortinet Malware
GET /wp-json/contact-form-7/v1/contact-forms/5/feedback/schema HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://balanceepigeneticorthodontics.com/
Origin: http://balanceepigeneticorthodontics.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
x-robots-tag: noindex
link: <https://balanceepigeneticorthodontics.com/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
vary: Origin,Accept-Encoding,User-Agent
etag: "2133-1671737406;br"
x-litespeed-cache: hit
content-encoding: br
content-length: 161
date: Fri, 23 Dec 2022 14:54:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
balanceepigeneticorthodontics.com/wp-content/uploads/2022/08/Buck-4.jpg
200 OK 100 kB URL HTTP/2 balanceepigeneticorthodontics.com/wp-content/uploads/2022/08/Buck-4.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 841x787, components 3\012- data
Size 100 kB (100250 bytes)
Hash e2e14c31d240583b7405aeccf264f669
c0bcf14cef9c55c00eaff47f5ce218382179c1bf
328b34ffe0d79167f37dfa01f60bd069f0c0308da7eb2ad6a9dda40be72f8f19
GET /wp-content/uploads/2022/08/Buck-4.jpg HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:53 GMT
content-type: image/jpeg
last-modified: Wed, 17 Aug 2022 22:10:47 GMT
accept-ranges: bytes
content-length: 100250
date: Fri, 23 Dec 2022 14:54:53 GMT
server: LiteSpeed
vary: User-Agent
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
balanceepigeneticorthodontics.com/wp-content/uploads/2022/08/Buck-1.png
200 OK 76 kB URL HTTP/2 balanceepigeneticorthodontics.com/wp-content/uploads/2022/08/Buck-1.png
IP
File type PNG image data, 291 x 171, 8-bit/color RGB, non-interlaced\012- data
Hash b5ef1a65eb8b40bc527714bf19c958a6
78f7ae74f26968f1ea8350fdc3397b0a12b1d613
1f19265d36bb4c428cb73ffcb552006de179fd00f28acb550eb917b2638d4394
GET /wp-content/uploads/2022/08/Buck-1.png HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:53 GMT
content-type: image/png
last-modified: Wed, 17 Aug 2022 22:10:47 GMT
accept-ranges: bytes
content-length: 75604
date: Fri, 23 Dec 2022 14:54:53 GMT
server: LiteSpeed
vary: User-Agent
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ip.convirza.com/ip?
200 OK 21 B IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JSON data\012- , ASCII text, with no line terminators
Hash 7d69c71af0f191e9a72db6153f8018d1
f67c5f2887bc05654b47f76e9621e53a4091aed1
5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65
GET /ip? HTTP/1.1
Host: ip.convirza.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://balanceepigeneticorthodontics.com
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 21
Connection: keep-alive
Status: 200 OK
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, PATCH, DELETE
Access-Control-Allow-Credentials: true
Date: Fri, 23 Dec 2022 14:54:53 GMT
ETag: W/"15-9nxfKIe8BWVLR/duliHlOkCRrtE"
X-Powered-By: Express, Phusion Passenger(R) 6.0.15
Server: nginx/1.14.0 + Phusion Passenger(R) 6.0.15
balanceepigeneticorthodontics.com/wp-content/uploads/2022/08/Buck-3.jpg
200 OK 109 kB URL HTTP/2 balanceepigeneticorthodontics.com/wp-content/uploads/2022/08/Buck-3.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 845x853, components 3\012- data
Size 109 kB (109074 bytes)
Hash 963e81f58dd985047e68102f6846d016
1a2f19a367be5f73d038996f4b54186af4a5ab98
fa79c3cce301dc180735aea46299aafe328217dca3642fe748175a427514b514
GET /wp-content/uploads/2022/08/Buck-3.jpg HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:53 GMT
content-type: image/jpeg
last-modified: Wed, 17 Aug 2022 22:10:47 GMT
accept-ranges: bytes
content-length: 109074
date: Fri, 23 Dec 2022 14:54:53 GMT
server: LiteSpeed
vary: User-Agent
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
balanceepigeneticorthodontics.com/wp-content/uploads/2022/08/Buck-2.png
200 OK 99 kB URL HTTP/2 balanceepigeneticorthodontics.com/wp-content/uploads/2022/08/Buck-2.png
IP
File type PNG image data, 273 x 209, 8-bit/color RGB, non-interlaced\012- data
Hash 8dd41977ad98559aa872047c0e256c5a
4bd725d10fc0e92681b8f13820f981dcbe44f190
245a0a798b1c16764a04261e7205a61672108f1e25c5fe3f5627f6e95b935218
GET /wp-content/uploads/2022/08/Buck-2.png HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:53 GMT
content-type: image/png
last-modified: Wed, 17 Aug 2022 22:10:47 GMT
accept-ranges: bytes
content-length: 99005
date: Fri, 23 Dec 2022 14:54:53 GMT
server: LiteSpeed
vary: User-Agent
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
balanceepigeneticorthodontics.com/wp-content/uploads/2022/08/whitelogo.png
200 OK 28 kB URL HTTP/2 balanceepigeneticorthodontics.com/wp-content/uploads/2022/08/whitelogo.png
IP
File type PNG image data, 314 x 63, 8-bit/color RGBA, non-interlaced\012- data
Hash e80710394ceadece2550850450c6a1ff
11f9e1f15604605a5784b87dd5f1cd66a7d95980
fc72418e9ccaffd6c1a45527b24ade9af1141634e8ce8438c6b350b60d0e5ffd
GET /wp-content/uploads/2022/08/whitelogo.png HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:53 GMT
content-type: image/png
last-modified: Wed, 17 Aug 2022 18:09:59 GMT
accept-ranges: bytes
content-length: 27839
date: Fri, 23 Dec 2022 14:54:53 GMT
server: LiteSpeed
vary: User-Agent
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
balanceepigeneticorthodontics.com/wp-content/uploads/2022/11/shutterstock_2036186195.jpg
200 OK 342 kB URL HTTP/2 balanceepigeneticorthodontics.com/wp-content/uploads/2022/11/shutterstock_2036186195.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1000x667, components 3\012- data
Size 342 kB (341789 bytes)
Hash 1015c2b4017ad472c70b307da7396b5e
91c975a1ba71f1527a23d33e35c98ab62a439f1c
ea47050d29811cbafa845e46447479f59c7d060da7dce8708addd98cd35fbe9a
GET /wp-content/uploads/2022/11/shutterstock_2036186195.jpg HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 14:54:53 GMT
content-type: image/jpeg
last-modified: Wed, 30 Nov 2022 22:05:34 GMT
accept-ranges: bytes
content-length: 341789
date: Fri, 23 Dec 2022 14:54:53 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-501217.js?sv=5
301 Moved Permanently 167 B URL HTTP/1.1 static.hotjar.com/c/hotjar-501217.js?sv=5
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /c/hotjar-501217.js?sv=5 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 23 Dec 2022 14:54:53 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://static.hotjar.com/c/hotjar-501217.js?sv=5
X-Cache: Redirect from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: N6z6-Tj_AMYPr43ojhU2_Jissm-b2eCxRna43vGMANbnoeY4fluVRA==
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18960
Expires: Fri, 23 Dec 2022 20:10:53 GMT
Date: Fri, 23 Dec 2022 14:54:53 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18960
Expires: Fri, 23 Dec 2022 20:10:53 GMT
Date: Fri, 23 Dec 2022 14:54:53 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18959
Expires: Fri, 23 Dec 2022 20:10:53 GMT
Date: Fri, 23 Dec 2022 14:54:54 GMT
Connection: keep-alive
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20039
Date: Fri, 23 Dec 2022 14:23:25 GMT
Expires: Fri, 23 Dec 2022 16:23:25 GMT
Cache-Control: public, max-age=7200
Age: 1889
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg
200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2d4cf077d410b94f1326e942304f9e9b
98fb13feecfada3cc8b467aa48d7cdf1ed8ab001
ec82cd83bfd4da849888b0535c9764cd4d462ef9e12c5934512858375908dfe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5659
x-amzn-requestid: bc225a93-868b-42d4-aa94-c8fa16ef2c64
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dk33gHUqIAMFg1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a50696-7710727f0f086a791a0e7939;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 01:38:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SsDKCzVoU9imPo79Eg4_JraYGSE82tq3DvQqtDD4611YT_G18AED5w==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 01:44:23 GMT
age: 47431
etag: "98fb13feecfada3cc8b467aa48d7cdf1ed8ab001"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F580b4499-2ffd-427f-93ed-4c39a78dd125.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F580b4499-2ffd-427f-93ed-4c39a78dd125.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ee73339f3e7eaeb4c1ecab1a24632a8
48ff42e4329102d6a006b8f947bfaf29c0a5de17
ae5787d0df124d7d95ccaaf58148bb46c931610ca908cd58787748da5b75a1c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F580b4499-2ffd-427f-93ed-4c39a78dd125.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12794
x-amzn-requestid: 82617475-f461-429b-b38d-0c84eee33754
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dk55IGPioAMFi1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a509d3-0dfc997d3853974a08914362;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 01:52:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kWJ-6NeMz-Hn8fw8hfvoQhdmDKqBDKRauvBY-2O8QxDjt4-pXAvX8g==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 01:57:28 GMT
age: 46646
etag: "48ff42e4329102d6a006b8f947bfaf29c0a5de17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash c5d392f16d6f3348bd707afe72f37382
f61824a383d18b9d9da451f63ce9a4068f2d1030
bde34b0a32333f86fa6e508a7177a2d231afedbca18febbfd5a0d56dab618d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2185
Cache-Control: max-age=99732
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 14:54:54 GMT
Etag: "63a49b49-1d7"
Expires: Sat, 24 Dec 2022 18:37:06 GMT
Last-Modified: Thu, 22 Dec 2022 18:00:41 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fe4d96f-b35a-4cc6-9fe3-c52ed693df34.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fe4d96f-b35a-4cc6-9fe3-c52ed693df34.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5dd6622433d537fbb91a04bd3b57d873
552f216608b819b4f65f0574e421f4a761f0d721
5e9b03133d928378a775ab52ec6e58cd7753aa2975a4966534353c0d6bc46af5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fe4d96f-b35a-4cc6-9fe3-c52ed693df34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11471
x-amzn-requestid: 20d9459a-710b-4fcf-bfce-9f0c5f513740
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dbNEqGPnoAMFcDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a12884-4a93ab9047181db109d328e2;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 03:14:12 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: qFwWS-f0U1hSbrFFgBiGNzXRvZyvR90n_MI7jfYfWsyv2W6jH8D-9w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 05:24:01 GMT
age: 34253
etag: "552f216608b819b4f65f0574e421f4a761f0d721"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 23 Dec 2022 14:41:11 GMT
expires: Fri, 23 Dec 2022 16:41:11 GMT
cache-control: public, max-age=7200
age: 823
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bd09861-a6e6-4462-b7cf-0572eabdfd71.jpeg
200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bd09861-a6e6-4462-b7cf-0572eabdfd71.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 61b1b9ece5581fe0b212144f45243f1a
d161c613f1491ae6ab63b536c50c6630e80d6382
f5a2b23b66a05734b86755986573c07c5f75bc6cbe67d2b769aee9ef402b2c14
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bd09861-a6e6-4462-b7cf-0572eabdfd71.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7117
x-amzn-requestid: 470b959f-7f5f-4a64-8d8d-bfc91856fad2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dUnBBFhZIAMFhiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e8539-3916bad034c86d5503e456f2;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 03:12:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WGhzif-UgKEwm5GlCuP72Q4E10_lmmiFI5749QwOJtlMalTSA2ImzQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 06:25:16 GMT
age: 30578
etag: "d161c613f1491ae6ab63b536c50c6630e80d6382"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdce5468-cf1b-4a55-968b-1aaa101e60d6.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdce5468-cf1b-4a55-968b-1aaa101e60d6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38cc82b5e5d8c2fee6f51021e156ec81
eafb4e029313caabcdbdc1002abcab95f66e91b1
b8cad011e1a98ee4e896f00263495aab7f9cab986736a7a5b4187b8e94c46493
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdce5468-cf1b-4a55-968b-1aaa101e60d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11939
x-amzn-requestid: a00e5ab5-ad16-4576-b046-381e36456998
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dkUhqE94oAMFu5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4ce0a-28687ad51eea1f6f3ce8cc86;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GZ4CbztfUpuPUplTacPrTbsufySu214BVAvkmxZe_PA2t89nsTFCdw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 21:37:14 GMT
age: 62260
etag: "eafb4e029313caabcdbdc1002abcab95f66e91b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83ec12d8-0f25-4455-b9fc-9581d059158b.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83ec12d8-0f25-4455-b9fc-9581d059158b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c618f418af677595dddd2e7ed9e6a1f
ef8fd938e82dec810c56e4497441c452012e5a22
677f7502d2a69e2bdfad9fa2329ce8c78b7e413b4d7bd9cb414a768e381819cb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83ec12d8-0f25-4455-b9fc-9581d059158b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9158
x-amzn-requestid: ef5c3ac0-6e78-40c7-9289-bb4e3e88c168
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: de9-RHoioAMFX4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a2a9f4-3562d612246d193e695803de;Sampled=0
x-amzn-remapped-date: Wed, 21 Dec 2022 06:38:44 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: iC2m4ASg-8irGcO9z9FpwVQAumplbOlr8lAedeAiZRUtKuVbM6uU0g==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 5c35539543902c678280929df206948c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 06:01:27 GMT
age: 32007
etag: "ef8fd938e82dec810c56e4497441c452012e5a22"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dni.logmycalls.com/load_dni?ref=&code=264b04062f16e0a09354779b624c1eff&host=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F6184ca57dfc268635305f87630a9d59f%2Fjpg&browser=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&ip_host=91.90.42.154&is_dni=&app_host=dni.logmycalls.com&elements=&
200 OK 561 B URL HTTP/1.1 dni.logmycalls.com/load_dni?ref=&code=264b04062f16e0a09354779b624c1eff&host=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F6184ca57dfc268635305f87630a9d59f%2Fjpg&browser=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&ip_host=91.90.42.154&is_dni=&app_host=dni.logmycalls.com&elements=&
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JSON data\012- , ASCII text, with very long lines (561), with no line terminators
Hash 37180ad6a2b148ebdb731269a4963ca5
19eeeca4fb398e9c8a8fffbec816ee6fad454691
037e03782659141372d353c870080d0e58160acec406c7f0a50a7f33c612c1fd
GET /load_dni?ref=&code=264b04062f16e0a09354779b624c1eff&host=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F6184ca57dfc268635305f87630a9d59f%2Fjpg&browser=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&ip_host=91.90.42.154&is_dni=&app_host=dni.logmycalls.com&elements=& HTTP/1.1
Host: dni.logmycalls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://balanceepigeneticorthodontics.com
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 561
Connection: keep-alive
Status: 200 OK
X-DNS-Prefetch-Control: off
Access-Control-Allow-Origin: *
Date: Fri, 23 Dec 2022 14:54:54 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Permitted-Cross-Domain-Policies: none
Expect-CT: max-age=0
X-XSS-Protection: 0
X-Download-Options: noopen
ETag: W/"231-Ge7spPs5jpyKj/++yBbub61FRpE"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Powered-By: Phusion Passenger(R) 6.0.15
Server: nginx/1.14.0 + Phusion Passenger(R) 6.0.15
connect.facebook.net/en_US/fbevents.js
200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 8b26cd4609e2025e51e90573a0fbd6f7
efc2006ae5297ad5ae5e064188b9fba73f6b868f
e288b6a1e220f5fb781cfbb0b739b36c6acfdceccff8f0278fc151c241b0b50b
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: st1blaw+MZ2DBqWfhW9LrvnLlgJ/MiqqyMLVmn74gusiEIHm7xp0nuZ5rhXp/CqSGx3/fPQwcMj3hYSEmvkTIg==
priority: u=3,i
content-length: 27298
x-fb-trip-id: 1904183273
date: Fri, 23 Dec 2022 14:54:54 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=607007825&t=pageview&_s=1&dl=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F6184ca57dfc268635305f87630a9d59f%2Fjpg&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%7C%20Advanced%20TMJ%20%26%20Epigenetic%20Orthodontics%20Dental%20Solutions&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=737841780&gjid=1350302169&cid=1085921686.1671807293&tid=UA-24043734-38&_gid=603401472.1671807293&_r=1&_slc=1&z=533507288
200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=607007825&t=pageview&_s=1&dl=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F6184ca57dfc268635305f87630a9d59f%2Fjpg&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%7C%20Advanced%20TMJ%20%26%20Epigenetic%20Orthodontics%20Dental%20Solutions&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=737841780&gjid=1350302169&cid=1085921686.1671807293&tid=UA-24043734-38&_gid=603401472.1671807293&_r=1&_slc=1&z=533507288
IP
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j98&a=607007825&t=pageview&_s=1&dl=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F6184ca57dfc268635305f87630a9d59f%2Fjpg&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%7C%20Advanced%20TMJ%20%26%20Epigenetic%20Orthodontics%20Dental%20Solutions&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=737841780&gjid=1350302169&cid=1085921686.1671807293&tid=UA-24043734-38&_gid=603401472.1671807293&_r=1&_slc=1&z=533507288 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://balanceepigeneticorthodontics.com
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: http://balanceepigeneticorthodontics.com
date: Fri, 23 Dec 2022 14:54:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
balanceepigeneticorthodontics.com/favicon.ico
404 Not Found 1.2 kB URL HTTP/1.1 balanceepigeneticorthodontics.com/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /favicon.ico HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Fri, 23 Dec 2022 14:54:54 GMT
server: LiteSpeed
vary: User-Agent
ocsp.digicert.com/
200 OK 471 B IP
Hash c5d392f16d6f3348bd707afe72f37382
f61824a383d18b9d9da451f63ce9a4068f2d1030
bde34b0a32333f86fa6e508a7177a2d231afedbca18febbfd5a0d56dab618d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2185
Cache-Control: max-age=99732
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 14:54:54 GMT
Etag: "63a49b49-1d7"
Expires: Sat, 24 Dec 2022 18:37:06 GMT
Last-Modified: Thu, 22 Dec 2022 18:00:41 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
dni.logmycalls.com/save_log?0=&1=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F6184ca57dfc268635305f87630a9d59f%2Fjpg&2=91.90.42.154&3=Firefox%2F105.0%20(10%3B%20Windows)&4=null&5=61657942-43ff-4e6d-365a-7fef7705afa1&6=16317&
200 OK 22 B URL HTTP/1.1 dni.logmycalls.com/save_log?0=&1=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F6184ca57dfc268635305f87630a9d59f%2Fjpg&2=91.90.42.154&3=Firefox%2F105.0%20(10%3B%20Windows)&4=null&5=61657942-43ff-4e6d-365a-7fef7705afa1&6=16317&
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JSON data\012- , ASCII text, with no line terminators
Hash dc5182f8de5d9e4b611b0b9e912d7d1d
4c356822222369794ecb568f091965fa56773a7a
749d1a31ce94aaedfe8cfab8cd178ce018c9b4399f8da079f5e3db6d03230978
GET /save_log?0=&1=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F6184ca57dfc268635305f87630a9d59f%2Fjpg&2=91.90.42.154&3=Firefox%2F105.0%20(10%3B%20Windows)&4=null&5=61657942-43ff-4e6d-365a-7fef7705afa1&6=16317& HTTP/1.1
Host: dni.logmycalls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://balanceepigeneticorthodontics.com
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 22
Connection: keep-alive
Status: 200 OK
X-DNS-Prefetch-Control: off
Access-Control-Allow-Origin: *
Date: Fri, 23 Dec 2022 14:54:54 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Permitted-Cross-Domain-Policies: none
Expect-CT: max-age=0
X-XSS-Protection: 0
X-Download-Options: noopen
ETag: W/"16-TDVoIiIjaXlOy1aPCRll+lZ3Ono"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Powered-By: Phusion Passenger(R) 6.0.15
Server: nginx/1.14.0 + Phusion Passenger(R) 6.0.15
www.facebook.com/tr/?id=265755707253993&ev=PageView&dl=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F6184ca57dfc268635305f87630a9d59f%2Fjpg&rl=&if=false&ts=1671807292947&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=28&fbp=fb.1.1671807292945.322090249&it=1671807292858&coo=false&rqm=GET
200 OK 6.7 kB URL HTTP/2 www.facebook.com/tr/?id=265755707253993&ev=PageView&dl=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F6184ca57dfc268635305f87630a9d59f%2Fjpg&rl=&if=false&ts=1671807292947&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=28&fbp=fb.1.1671807292945.322090249&it=1671807292858&coo=false&rqm=GET
IP
File type gzip compressed data, from Unix\012- data
Hash c2a03ef36500d93f397f58eeba49180f
9ee3dfbd981ac9ad32c4841c512ad1b25abfa64d
7a85378e683c4b9100d5c75b911a597f97a5581fdadbb257c63daf356b37da80
GET /tr/?id=265755707253993&ev=PageView&dl=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F6184ca57dfc268635305f87630a9d59f%2Fjpg&rl=&if=false&ts=1671807292947&sw=1280&sh=1024&v=2.9.90&r=stable&ec=0&o=28&fbp=fb.1.1671807292945.322090249&it=1671807292858&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 23 Dec 2022 14:54:54 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 5175aea42857ac2ad88640d5fb5d409c
1297cfa582880d1acf9410fdfa8c91b2dd29641e
ee8ba8be142fa63c66a224437c0c5b7796dd5771cbe147b76187464a37763f9b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=118080
Date: Fri, 23 Dec 2022 14:54:54 GMT
Etag: "63a4e5dc-1d7"
Expires: Sat, 24 Dec 2022 23:42:54 GMT
Last-Modified: Thu, 22 Dec 2022 23:18:52 GMT
Server: ECS (dcb/7EC6)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zdSi7Gb9Mm4nyBOuVrd3sFvUCIKaM6C0cNBOjm2yHFrwOsT6unAXmA==
Age: 1442
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash bd4fe81e1f187198cb17427e941c0c37
95d8abeeb72941e45f1181617b07ad99e289ff13
32dbd790d87ea176d4283ede74b0e01a69f2d6511d0c5f37fd4a166e98822c30
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=169578
Date: Fri, 23 Dec 2022 14:54:54 GMT
Etag: "63a5b4a8-1d7"
Expires: Sun, 25 Dec 2022 14:01:12 GMT
Last-Modified: Fri, 23 Dec 2022 14:01:12 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5b_x50z9qgrJjZNc_2CdXsSIFi9CuQh3juglFOkTwlzeEWofQyIw_Q==
balanceepigeneticorthodontics.com/wp-json/contact-form-7/v1/contact-forms/5/refill
200 OK 6 B URL HTTP/2 balanceepigeneticorthodontics.com/wp-json/contact-form-7/v1/contact-forms/5/refill
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash b07a5ba9b682a99be1b186affef4c1b5
f5204461f75a489f887bc06fe3814233eda79b37
61b42daf28736e5f75372490c99c5a0601653e2935ae55c1d462d2474ed94f10
Analyzer Verdict Alert fortinet Malware
GET /wp-json/contact-form-7/v1/contact-forms/5/refill HTTP/1.1
Host: balanceepigeneticorthodontics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://balanceepigeneticorthodontics.com/
Origin: http://balanceepigeneticorthodontics.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
x-robots-tag: noindex
link: <https://balanceepigeneticorthodontics.com/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
vary: Origin,Accept-Encoding,User-Agent
etag: "2134-1671737406;br"
x-litespeed-cache: hit
content-encoding: br
content-length: 6
date: Fri, 23 Dec 2022 14:54:54 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
static.botsrv2.com/website/css/widget.ddbdd5c6.min.css
200 OK 159 kB URL HTTP/2 static.botsrv2.com/website/css/widget.ddbdd5c6.min.css
IP
Size 159 kB (159108 bytes)
Hash 5f029b673726b9e5f326357196225a7b
75f9fea0a50e5104bdba9b45186170fbc4d04160
a4a2dbed77582324f407b85737b965f75f0e7150fc47aa8dc89343864f19dafd
GET /website/css/widget.ddbdd5c6.min.css HTTP/1.1
Host: static.botsrv2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://balanceepigeneticorthodontics.com
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
date: Tue, 30 Aug 2022 03:00:46 GMT
last-modified: Tue, 30 Aug 2022 00:45:56 GMT
etag: W/"3f84d0378ee533c011943bd04e319353"
cache-control: max-age=31536000
x-amz-version-id: CBXehOl5t3E8ep8qJ0UE_2YFcC00dGi0
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nQ5VdpFi7NmG2CZ7XAS0mzaCBE_jvlKxJvihiiBeruNpbdyJu-sEhA==
age: 9978848
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
widget.equally.ai/equally-widget.min.js
200 OK 254 kB URL HTTP/2 widget.equally.ai/equally-widget.min.js
IP
File type ASCII text, with very long lines (58101)
Size 254 kB (253761 bytes)
Hash a35b4ba67fcc5520f220aeb3f4f36e45
9743ed26b88bb86f8477f21bffd267bc35e1e391
efbf92661048ff97fbc30de08a67294e91c43cc65dc19632a4748672d677637d
GET /equally-widget.min.js HTTP/1.1
Host: widget.equally.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 23 Dec 2022 14:54:55 GMT
last-modified: Thu, 22 Dec 2022 15:20:10 GMT
etag: W/"8c090a67d52b9f65fe8853e935b6b4ca"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fh7iRh1mgPNW2qf5mQMsD2mgNxsSatyCXlWdevpi6ufInsXT2DpGEQ==
X-Firefox-Spdy: h2
api.equally.ai/api/v1/widget/config?apiKey=JNkC0qJSyZAu6y6gpHac&userID=9e4947f35751465411fd1a4f5c358c78
200 OK 997 B URL HTTP/2 api.equally.ai/api/v1/widget/config?apiKey=JNkC0qJSyZAu6y6gpHac&userID=9e4947f35751465411fd1a4f5c358c78
IP
File type JSON data\012- , ASCII text, with very long lines (997), with no line terminators
Hash fbbc51aa4f3325fff9b515b18c61c80c
ceb9fd6079a9b1503b42311ce457133f7569397f
4563fb357a5654ffdedbac31b280ac012b82dec6930caf9b1cd80a8fe6adc5d2
GET /api/v1/widget/config?apiKey=JNkC0qJSyZAu6y6gpHac&userID=9e4947f35751465411fd1a4f5c358c78 HTTP/1.1
Host: api.equally.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Referer: http://balanceepigeneticorthodontics.com/about-us/smile-gallery/view-image/6184ca57dfc268635305f87630a9d59f/jpg
Origin: http://balanceepigeneticorthodontics.com
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 14:54:57 GMT
content-type: application/json
content-length: 997
server: nginx
apigw-requestid: dmsiPjhsIAMEShQ=
access-control-allow-origin: *
X-Firefox-Spdy: h2
dni.logmycalls.com/update_session_last_used?dni_id=61657942-43ff-4e6d-365a-7fef7705afa1&number_to_display=&host=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F6184ca57dfc268635305f87630a9d59f%2Fjpg&client_id=1085921686.1671807293&custom_parameter=&
200 OK 20 B URL HTTP/1.1 dni.logmycalls.com/update_session_last_used?dni_id=61657942-43ff-4e6d-365a-7fef7705afa1&number_to_display=&host=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F6184ca57dfc268635305f87630a9d59f%2Fjpg&client_id=1085921686.1671807293&custom_parameter=&
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type JSON data\012- , ASCII text, with no line terminators
Hash 5820854f62a6eb3d38ba7ba0d1b3ea75
639df0b84fe699b4a290a713fd6b9a94bd4deb95
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
GET /update_session_last_used?dni_id=61657942-43ff-4e6d-365a-7fef7705afa1&number_to_display=&host=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F6184ca57dfc268635305f87630a9d59f%2Fjpg&client_id=1085921686.1671807293&custom_parameter=& HTTP/1.1
Host: dni.logmycalls.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://balanceepigeneticorthodontics.com
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 20
Connection: keep-alive
Status: 200 OK
X-DNS-Prefetch-Control: off
Access-Control-Allow-Origin: *
Date: Fri, 23 Dec 2022 14:54:57 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Referrer-Policy: no-referrer
X-Permitted-Cross-Domain-Policies: none
Expect-CT: max-age=0
X-XSS-Protection: 0
X-Download-Options: noopen
ETag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
X-Powered-By: Phusion Passenger(R) 6.0.15
Server: nginx/1.14.0 + Phusion Passenger(R) 6.0.15
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash a706e18a200067a6e2d20bebdb7fcdae
e64ce67329ed29aac14296b9186821e06743f4d6
d3305b66c7e0fbd4a155b88424d9994d8e3c6f11ef9d39fefa5a8f307b2bba40
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=88015
Date: Fri, 23 Dec 2022 14:54:57 GMT
Etag: "63a4604f-1d7"
Expires: Sat, 24 Dec 2022 15:21:52 GMT
Last-Modified: Thu, 22 Dec 2022 13:49:03 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PvpXr9PIpA5o6V_YcPqrQEQG_VHP2W67jwlBcFymFC-27KTpX5nzxw==
Age: 5569
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash a706e18a200067a6e2d20bebdb7fcdae
e64ce67329ed29aac14296b9186821e06743f4d6
d3305b66c7e0fbd4a155b88424d9994d8e3c6f11ef9d39fefa5a8f307b2bba40
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=88004
Date: Fri, 23 Dec 2022 14:54:57 GMT
Etag: "63a4604f-1d7"
Expires: Sat, 24 Dec 2022 15:21:41 GMT
Last-Modified: Thu, 22 Dec 2022 13:49:03 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GN-9c3TvU8KLUnTBEBL3n9Kh4F_1SCelIWcJ75NNcwTTufwZ6jFyAw==
Age: 5558
equally-ai-widget-v2.s3.amazonaws.com/locales/en.json
200 OK 10 kB URL HTTP/1.1 equally-ai-widget-v2.s3.amazonaws.com/locales/en.json
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (637)
Hash affefbd206d7a4b7c2c7d64c2e6382a3
bfdfe8e1a622fe23bb87fb57e9a2d67180edec81
e3f7975e961e53ea2b174b636928745560dfbb6ff5819b74350a83623c2d2609
GET /locales/en.json HTTP/1.1
Host: equally-ai-widget-v2.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://balanceepigeneticorthodontics.com/
Origin: http://balanceepigeneticorthodontics.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: CJj4AvsS0BtTph/oC64oys4xshnpujWDjiovdvjWtMOsxat4k30M8n/JSNUtjs9qbbPEXbq31qw=
x-amz-request-id: 34JZHHAF7Q0VCFKY
Date: Fri, 23 Dec 2022 14:54:58 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Last-Modified: Thu, 22 Dec 2022 15:05:28 GMT
ETag: "affefbd206d7a4b7c2c7d64c2e6382a3"
Accept-Ranges: bytes
Content-Type: application/json
Server: AmazonS3
Content-Length: 10469
equally-ai-widget-v2.s3.amazonaws.com/fonts/OpenDyslexic-Regular.otf
200 OK 218 kB URL HTTP/1.1 equally-ai-widget-v2.s3.amazonaws.com/fonts/OpenDyslexic-Regular.otf
IP
File type OpenType font data\012- data
Size 218 kB (218076 bytes)
Hash a8330e9d483bfacd2e974f09e19a0b52
680295c21472d666f5603ab41a88f0061a012769
dd11c8008b7eab2ea917b46defaea238cddfb05bff238f92b52eccd072401c29
GET /fonts/OpenDyslexic-Regular.otf HTTP/1.1
Host: equally-ai-widget-v2.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://balanceepigeneticorthodontics.com
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: gQXFfN0KRzmooldy5flcBr5hSjcDC643Wn0aExMhsHVv7CKy8yU6CkP9UC9M24/Ao1fu2TQuQSk=
x-amz-request-id: 34JYJM23DSFVTRM8
Date: Fri, 23 Dec 2022 14:54:58 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: HEAD, GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Last-Modified: Thu, 22 Dec 2022 15:05:28 GMT
ETag: "a8330e9d483bfacd2e974f09e19a0b52"
Accept-Ranges: bytes
Content-Type: font/ttf
Server: AmazonS3
Content-Length: 218076
equally-ai-widget-v2.s3.amazonaws.com/equallyai-widget.css
200 OK 32 kB URL HTTP/1.1 equally-ai-widget-v2.s3.amazonaws.com/equallyai-widget.css
IP
File type ASCII text, with very long lines (31794)
Hash 30688985e4c7e333e0d0b7c1119a0aa9
8d7a5fbcb01ea4f0366025d941b342c5ec71b072
3e35f5a72d84d44c4771bfc1c4b2f196e0563f318390440e419f843beb697fa8
GET /equallyai-widget.css HTTP/1.1
Host: equally-ai-widget-v2.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: XsdrS30yBxNdIBAA+GFCIRbOl89wX4a4pbt/rPWTYZcZdOsUhU37tzZQasylBZjKEgdbN9NMFPQ=
x-amz-request-id: 123VRKD8MPWMSDDR
Date: Fri, 23 Dec 2022 14:54:59 GMT
Last-Modified: Thu, 22 Dec 2022 15:05:28 GMT
ETag: "30688985e4c7e333e0d0b7c1119a0aa9"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Content-Length: 31795
static.hotjar.com/c/hotjar-501217.js?sv=5
200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-501217.js?sv=5
IP
GET /c/hotjar-501217.js?sv=5 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://balanceepigeneticorthodontics.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Fri, 23 Dec 2022 14:54:54 GMT
cache-control: max-age=60
etag: W/399d6c5932d4e9ea4fe047102c694c46
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XTOgGIJvlBzqfuyyqbsNfX1BGOM7zP16-8Oa1at2EQ-Z4KO2nNw5lQ==
X-Firefox-Spdy: h2
static.ai.getdeardoc.com/website/js/widget2.d8d5abfb.min.js
200 OK 0 B URL HTTP/2 static.ai.getdeardoc.com/website/js/widget2.d8d5abfb.min.js
IP
GET /website/js/widget2.d8d5abfb.min.js HTTP/1.1
Host: static.ai.getdeardoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://balanceepigeneticorthodontics.com
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 19 Dec 2022 18:54:46 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Mon, 19 Dec 2022 18:27:46 GMT
etag: W/"1d9896a7cf8d9e604754586813930fe5"
cache-control: max-age=31536000
x-amz-version-id: WQSmeNppbdk44AFdei9L73ATk8psNzfQ
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2kZwt5emQ90XhLd-GQvtPGTHAfh-m1cSbS7S5Nflm4_-57zPr6qBHQ==
age: 331209
X-Firefox-Spdy: h2
ai.getdeardoc.com/qb/data2/DYRAQrGYeKbW05dx/MqLdPEng2Kb6RWpJ?qbReferer=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F6184ca57dfc268635305f87630a9d59f%2Fjpg&qbVersion=1671807293111
200 OK 0 B URL HTTP/2 ai.getdeardoc.com/qb/data2/DYRAQrGYeKbW05dx/MqLdPEng2Kb6RWpJ?qbReferer=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F6184ca57dfc268635305f87630a9d59f%2Fjpg&qbVersion=1671807293111
IP
GET /qb/data2/DYRAQrGYeKbW05dx/MqLdPEng2Kb6RWpJ?qbReferer=http%3A%2F%2Fbalanceepigeneticorthodontics.com%2Fabout-us%2Fsmile-gallery%2Fview-image%2F6184ca57dfc268635305f87630a9d59f%2Fjpg&qbVersion=1671807293111 HTTP/1.1
Host: ai.getdeardoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://balanceepigeneticorthodontics.com
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Fri, 23 Dec 2022 14:54:54 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: http://balanceepigeneticorthodontics.com
access-control-allow-credentials: true
content-security-policy: default-src * blob: data:; script-src 'self' 'unsafe-eval' 'unsafe-inline' *; frame-src *; style-src 'self' 'unsafe-inline' * blob:; frame-ancestors *
x-dns-prefetch-control: off
strict-transport-security: max-age=63072000; preload
x-download-options: noopen
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
x-xss-protection: 1; mode=block
set-cookie: qb.A={"balanceepigeneticorthodontics.com.MqLdPEng2Kb6RWpJ":{"visit_count":1}}; path=/; expires=Mon, 23 Dec 2024 14:54:54 GMT; samesite=none; secure; httponly
qb.A.sig=OtDlgWHmKG2_VrEQMXMSzncJ9nA; path=/; expires=Mon, 23 Dec 2024 14:54:54 GMT; samesite=none; secure; httponly
cache-control: max-age=31536000
expires: Sat, 23 Dec 2023 14:54:54 GMT
last-modified: Fri, 23 Dec 2022 14:54:54 GMT
x-cached: MISS
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KGZp_KZERmD4gr-3-wUit4avKXjsFjZ544CHqLlTVosAjGQaJuK62Q==
X-Firefox-Spdy: h2
static.ai.getdeardoc.com/website/js/widget2.90b5a0ff.js
200 OK 0 B URL HTTP/2 static.ai.getdeardoc.com/website/js/widget2.90b5a0ff.js
IP
GET /website/js/widget2.90b5a0ff.js HTTP/1.1
Host: static.ai.getdeardoc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://balanceepigeneticorthodontics.com
Connection: keep-alive
Referer: http://balanceepigeneticorthodontics.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 26 Oct 2022 05:24:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Mon, 27 Sep 2021 19:16:00 GMT
etag: W/"6f94c378b397a2e5b7624a8a84aa07c6"
cache-control: max-age=31536000
x-amz-version-id: ug5rxut924nW6xl37o5nSKKsrF67pAm2
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UZzKYm5ynT7yp5Kpx5VqD17HRd0Nqw2X_vha8JcnRLTwGCbvhDjw4A==
age: 5045437
X-Firefox-Spdy: h2
45.79.7.19
23.36.77.32
93.184.220.29
104.18.13.41
31.13.72.36