firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 02 Sep 2022 19:42:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RjhG3SgYdIFC69SidXt2bLEAvW1QIamUvYmwLfpFHGbDV2uGNDPr5g==
Age: 3535
weinsteincounseling.com/
35.209.5.247 301 Moved Permanently 240 B IP 35.209.5.247:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7e1c5c11732e5991c5e97ba9d37be474
1c73d278bac535d7cc61ea70afa473443ecff4bb
d64f6c8c7a96ab58ad16810c92a5cadb814540d770f8274ba71772f7630c19ef
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 02 Sep 2022 20:41:02 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 240
Connection: keep-alive
Location: https://weinsteincounseling.com/
Host-Header: 6b7412fb82ca5edfd0917e3957f05d89
X-Proxy-Cache: MISS
X-Proxy-Cache-Info: 0301 NC:000000 UP:
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17382
Expires: Sat, 03 Sep 2022 01:30:44 GMT
Date: Fri, 02 Sep 2022 20:41:02 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 02 Sep 2022 01:15:17 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MN_5fc6QvNN4bIecu2kBcTpAb1ZGMT28ivPWhWsAQ0rcSYtrctefsA==
age: 69945
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:03 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 02 Sep 2022 20:38:16 GMT
Cache-Control: max-age=3600
Expires: Fri, 02 Sep 2022 21:30:02 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wehVOqRyvJSg3VZzbsDuoYLouPkSsPO5oKdqadaqfA66ul2Ugq5-OQ==
Age: 167
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 21daf45cdda2eb462873226bb5c1f0fb
4d4621bbf1461f35f7e536c1dbd9de71978ffa23
8164c742d013bdc2836cac1167acfe482547347ab6a1daefa15475f694dae057
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1221
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:41:03 GMT
Last-Modified: Fri, 02 Sep 2022 20:20:42 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.149.83.187 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.83.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nl+5lyXjvCu90EliJG3t8w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9zq0LCaPMvqlrkeyClVw7RUvXz0=
use.fontawesome.com/18a9c36ed1.js
172.67.169.247 200 OK 4.0 kB URL HTTP/2 use.fontawesome.com/18a9c36ed1.js
IP 172.67.169.247:0
File type Unicode text, UTF-8 text, with very long lines (9239)
Hash de961be1f54933402f7f78eced2f510b
5255973ccaf646390b79580a7e23b2245641630f
d275aeb55e30fe7ff00358e2ccbbfd8788b6b9605a9ba6c3cdcbc0ba4a4c1acd
GET /18a9c36ed1.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: text/javascript
x-amz-id-2: mJCRrO0HAZZeRfN9BlqNszJGQ2mmT+O8Bgg56jFiIJnMHb7XFNXOlUYzG2M2qJRnsh8H5G6AHkw=
x-amz-request-id: MBM59WGG0HFWJC3N
last-modified: Wed, 30 Jun 2021 17:06:08 GMT
etag: W/"2c8ad70895554a9787ba0c6d0e82243f"
cache-control: max-age=1800
cf-cache-status: HIT
age: 4715
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fErs2CZdyFA9Bb1YKNlUN64aRy2VxXpt3Epx0AzW5ch1UI7bLnQ2pOqGUJiZTr4q08fqfbDR09m3yCYYPmhyx%2FWmZc%2B%2FbHoQL0uAazj1FhMkfTM0%2FyEPIM47%2BQUaZDSwxd3oFXPm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74491077fc6eb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 20cc30f2a41f9c5e824ea46460548950
c153b447d44cbbe8f30d7f490605d1a430af20a1
0f8bb96e7dfd8a6bb3d7eae1a958195cb8ca9f20e0ad8cd952c34267ff0625f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:41:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 20cc30f2a41f9c5e824ea46460548950
c153b447d44cbbe8f30d7f490605d1a430af20a1
0f8bb96e7dfd8a6bb3d7eae1a958195cb8ca9f20e0ad8cd952c34267ff0625f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:41:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b69e4ee589f24deef7c8a3004daae9d1
e96ab184083a5084569b86b8846a6fa0c3b6af9a
7560417294eeb0f5c955d68bcc9b9eae40d69d1ff4b717a115ca1c614b1f4a17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:41:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-199815255-1
142.250.74.72 200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-199815255-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash caa6f6d4731c24b2c1251d669bd4b204
e0b4d8ba26ddadf957142fd2f90bc61b12c6ee91
79d8a5af4e4379a7b7992b8ea98ffa8b77c172d030fe30e262d57c41e954885b
GET /gtag/js?id=UA-199815255-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Sep 2022 20:41:04 GMT
expires: Fri, 02 Sep 2022 20:41:04 GMT
cache-control: private, max-age=900
last-modified: Fri, 02 Sep 2022 20:06:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41915
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 20cc30f2a41f9c5e824ea46460548950
c153b447d44cbbe8f30d7f490605d1a430af20a1
0f8bb96e7dfd8a6bb3d7eae1a958195cb8ca9f20e0ad8cd952c34267ff0625f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:41:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash b69e4ee589f24deef7c8a3004daae9d1
e96ab184083a5084569b86b8846a6fa0c3b6af9a
7560417294eeb0f5c955d68bcc9b9eae40d69d1ff4b717a115ca1c614b1f4a17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:41:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.weinsteincounseling.com/wp-content/themes/Archive/css/bootstrap.min.css
35.209.5.247 200 OK 18 kB URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/css/bootstrap.min.css
IP 35.209.5.247:0
File type ASCII text, with very long lines (65371)
Hash 059696f3dc88a36b1d35bd9bda9fa733
8d9e1a1de2dcf203cc64bc856a8f0a12d88820d2
8b21d3ad5e5230070d056e258c7062d30967a910a1b77ec9fa9ad7b6fb142e73
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/css/bootstrap.min.css HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: text/css
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
vary: Accept-Encoding
etag: W/"5fecdac6-1ca31"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 190ad961e14d1463fb7bd8b83be5142d
15af921cd2eb674d07093b4628202149f718ba8e
9ca614e9ee0b727066828ea96a4968d95371da0da831c0a36f79217ac63f81ac
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 02 Sep 2022 20:41:04 GMT
Last-Modified: Fri, 02 Sep 2022 19:36:54 GMT
Server: ECS (dcb/7EA6)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jmM-bqJv6VuL-Hy-bo-O3tvJhVA_lk8ASmhs1r2taJfmo3_pRI1JCQ==
Age: 3850
member.psychologytoday.com/verified-seal.js
52.49.134.17 302 Found 0 B URL HTTP/1.1 member.psychologytoday.com/verified-seal.js
IP 52.49.134.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /verified-seal.js HTTP/1.1
Host: member.psychologytoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Fri, 02 Sep 2022 20:41:04 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Server: Apache/2.4.54 (Amazon)
X-Powered-By: PHP/7.0.33
Location: https://resources.psychologytoday.com/member/share/v1.2.2/verified-seal-cb.min.js
Via: 1.1 memberweb
www.weinsteincounseling.com/wp-content/uploads/2020/12/WEINSTEIN-COUNSELING.png
35.209.5.247 200 OK 11 kB URL HTTP/2 www.weinsteincounseling.com/wp-content/uploads/2020/12/WEINSTEIN-COUNSELING.png
IP 35.209.5.247:0
File type PNG image data, 327 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash 966a458b63b57c2677533d7e62bde6cc
ee37e7dcaf892fff8f1b1a226d8027fdae7f1c32
e7d19c6c9e4db83b5a98a07ee1ea087b4ccc6532671ec6210a73d9c1116e53e7
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/12/WEINSTEIN-COUNSELING.png HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: image/png
content-length: 11099
last-modified: Wed, 30 Dec 2020 20:19:57 GMT
etag: "5fece0ed-2b5b"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/images/about-sign.png
35.209.5.247 200 OK 15 kB URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/images/about-sign.png
IP 35.209.5.247:0
File type PNG image data, 154 x 56, 8-bit/color RGBA, non-interlaced\012- data
Hash b38e81a4daee4c53939be1e99f6c7d5c
a5c6cbc42ff5b070a356da78f77175c9c8ed5a81
a98de8fb1e7dd01e30171362d2baea4818073061a00135ce53c9bc3c2c26b2de
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/images/about-sign.png HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: image/png
content-length: 14949
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
etag: "5fecdac6-3a65"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
35.209.5.247 200 OK 5.1 kB URL HTTP/2 www.weinsteincounseling.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 35.209.5.247:0
File type ASCII text, with very long lines (15660)
Hash 402a949c90b35b8b5ba9253fdc8c77f1
6e16a10c80d14744cdea0f68643238d8cfea2b4c
8cceab667b24166e1822ab0d312bac7095b22e4ead809c4d7d0a5a0d9bf6a810
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: application/javascript
last-modified: Wed, 01 Jun 2022 12:57:55 GMT
vary: Accept-Encoding
etag: W/"62976253-48b9"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
resources.psychologytoday.com/member/share/v1.2.2/verified-seal-cb.min.js
143.204.55.59 200 OK 18 kB URL HTTP/2 resources.psychologytoday.com/member/share/v1.2.2/verified-seal-cb.min.js
IP 143.204.55.59:0
Hash b3a937e64b610f8581ee0c91c32b1ce4
90c178b329f4518ace6f81e2dcaf0eb66d08d3d7
31c6c2d45533849c89ffe2184f4e9cc6d7d016772c0796a59fd55037066fdc42
GET /member/share/v1.2.2/verified-seal-cb.min.js HTTP/1.1
Host: resources.psychologytoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.weinsteincounseling.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
date: Sat, 20 Aug 2022 12:47:55 GMT
last-modified: Tue, 22 Jan 2019 19:55:52 GMT
etag: W/"9da65fec120dad4d0dc18e374540e5d8"
x-amz-version-id: VL4ZWBK5p1S46CfyJK_rXwyMRCb7lTT9
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zMSlmnJPH9KPVXpKY-337-apzIbKMaTqJXl9ctqtBTXF3qr89V6FoQ==
age: 1151590
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 7ce90d6fafa13d92fcf445b688f0389f
480461a46fc291cbcdf6218c7743779d7e862788
dd33483769f6c715aeb257c2955147c1a5a47b0af1684190247701465af8af6c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:41:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.weinsteincounseling.com/wp-content/themes/Archive/css/jquery.bxslider.css?ver=4.1.2
35.209.5.247 200 OK 1.5 kB URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/css/jquery.bxslider.css?ver=4.1.2
IP 35.209.5.247:0
Hash 5f5c0242d74c6a5fb35abbbcc0ed4edc
d6c39d3e145bedd7197006c75ec2de1295895317
081274661962ef42273ebbae481ac1d868237bdbe62abd6e2c73cf9e5fa5e9ba
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/css/jquery.bxslider.css?ver=4.1.2 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: text/css
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
vary: Accept-Encoding
etag: W/"5fecdac6-e50"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/css/owl.carousel.css?ver=1.3.3
35.209.5.247 200 OK 971 B URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/css/owl.carousel.css?ver=1.3.3
IP 35.209.5.247:0
Hash 8328208dd74ff5017a5367bed47a2f12
8b27e3a2f8e85c6827a7b7c396f4f6f8aa6ef765
caefc3d3f39daac2f010800f2475b1ba54160f36cba6d9f2407a07b22919d036
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/css/owl.carousel.css?ver=1.3.3 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: text/css
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
vary: Accept-Encoding
etag: W/"5fecdac6-5cb"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12409
Expires: Sat, 03 Sep 2022 00:07:54 GMT
Date: Fri, 02 Sep 2022 20:41:05 GMT
Connection: keep-alive
www.weinsteincounseling.com/wp-content/uploads/2020/12/Untitled-design-20.png
35.209.5.247 200 OK 1.8 MB URL HTTP/2 www.weinsteincounseling.com/wp-content/uploads/2020/12/Untitled-design-20.png
IP 35.209.5.247:0
File type PNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size 1.8 MB (1812522 bytes)
Hash b61af6ac2b69ff53e1bf4dfe1e268c92
a446534cb1ebd6261a38dda9f4fb29a6e466df44
0919316e30a1a2bed9133bd016b2c464cf06dd533f749c2bacf6bdbadcb6cd14
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/12/Untitled-design-20.png HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: image/png
content-length: 1812522
last-modified: Wed, 30 Dec 2020 20:49:00 GMT
etag: "5fece7bc-1ba82a"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/css/fonts/fontawesome-webfont.woff2?v=4.6.3
35.209.5.247 200 OK 72 kB URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/css/fonts/fontawesome-webfont.woff2?v=4.6.3
IP 35.209.5.247:0
File type Web Open Font Format (Version 2), TrueType, length 71896, version 4.393\012- data
Hash e6cf7c6ec7c2d6f670ae9d762604cb0b
97e438cc545714309882fbceadbf344fcaddcec5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/css/fonts/fontawesome-webfont.woff2?v=4.6.3 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/wp-content/themes/Archive/css/font-awesome.css?ver=4.4.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: font/woff2
content-length: 71896
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
etag: "5fecdac6-118d8"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
34.120.237.76 200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 12756903aaa74164feb5f8525398ca36
9fef9b071daea6793cbbdfe391254ac4326b1aa2
6d474a6d96aebfed43a4f6812f18a1be8d100c590f75eb0fbf4ec7277dd0c442
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16818
x-amzn-requestid: fa921878-2054-453b-b313-681cdd9c9068
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj-Z_HUNIAMFltg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b110c-053ce81943fea70c2de7daa0;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 06:54:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CDyJUMKmUlrT3LgfeiZhQN1XEV2vKTIZtmV4QZYXaoM4PWbYo8IyJA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 14:46:29 GMT
age: 21276
etag: "9fef9b071daea6793cbbdfe391254ac4326b1aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5ba50b2fd1814c5ffc95aef40c69ce8c
cbb4546228115cccc122b16209e70171bef5c1f2
de822c8549508b28a07d29b203ae3ef356470df906cba727fc765f1bd14bb866
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9252
x-amzn-requestid: 7feebba8-f6b9-4b79-9726-5a7534da277e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLyVG5DoAMF_Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112675-3123158f3dcfbd476537ca3c;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BOa5zGQyJS9q9bHmtKzlNtyS9ToGPZJkDFo2uY2lzz8Lnd3cZLQEaA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:01:10 GMT
age: 81595
etag: "cbb4546228115cccc122b16209e70171bef5c1f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 95a0cd21ffe5fe8cf78821d59d70169e
ec332d57a56347bef8bb2366938aa04984b6f834
b8eecf5b4499b88fcdd0977d9f28ecfb707d4efef5ed245c2620734276c49454
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 02 Sep 2022 20:41:05 GMT
Last-Modified: Fri, 02 Sep 2022 18:54:12 GMT
Server: ECS (dcb/7F5E)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5rVLIY845b6TpOjG5ZxVsTvKklj3b_CukefEQ_Hy_4pIdGgPYyBGQA==
Age: 6413
www.weinsteincounseling.com/wp-content/themes/Archive/css/docss.theme.min.css?ver=1.3.3
35.209.5.247 404 Not Found 17 kB URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/css/docss.theme.min.css?ver=1.3.3
IP 35.209.5.247:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (16588)
Hash 1a117dd6a9a03c8fc07719933deba116
4bd1c5faaf3735122ecdc8029dacb5586ab257ab
d2d3e3148d6f3a5942119c5f4141f9cc2f49b8511d8eacf6a7ce66d326e51b7e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/css/docss.theme.min.css?ver=1.3.3 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-cache-enabled: True
link: <https://www.weinsteincounseling.com/wp-json/>; rel="https://api.w.org/"
x-httpd: 1
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache: MISS
x-proxy-cache-info: 0 NC:000000 UP:SKIP_CACHE_NO_CACHE
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%2C900
142.250.74.10 200 OK 11 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%2C900
IP 142.250.74.10:0
Hash cca1741b2b628c5b74bef1734b857bb6
c84ea5c35fdd9a6d13efbabb39a00cf13fc772f3
21477a5a5fa79b5f7af92caeb47909d3e3fc0937f974d548ca2657a59d409929
GET /css?family=Roboto%3A400%2C500%2C700%2C900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Sep 2022 20:41:04 GMT
date: Fri, 02 Sep 2022 20:41:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/js/jquery.colorbox.js?ver=20160809
35.209.5.247 200 OK 14 kB URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/js/jquery.colorbox.js?ver=20160809
IP 35.209.5.247:0
Hash fe4df159fe158046e1bc337a81d2333f
32aeaa86171ecc06fdd5727be9d8b4d7077aca69
15aea5e16ec13db948cdd875e7d656689e3a62409b4966284b31c01e71809dd1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/js/jquery.colorbox.js?ver=20160809 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: application/javascript
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
vary: Accept-Encoding
etag: W/"5fecdac6-71f1"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Archivo+Narrow%7CArimo%7CBerkshire+Swash%7CBitter%7CComfortaa%7CDancing+Script%7CDosis%7CDroid+Serif%7CFrancois+One%7CGermania+One%7CHammersmith+One%7CIndie+Flower%7CLobster%7CMuli%7CNosifer%7CPT+Sans%7CPT+Sans+Caption%7CPT+Sans+Narrow%7CPacifico%7CQuestrial%7CRoboto+Mono%7CRoboto+Slab%7CSource+Serif+Pro%7CTitillium+Web%7CWork+Sans%7CRubik%3A700i&ver=6.0.2
142.250.74.10 200 OK 8.7 kB URL HTTP/2 fonts.googleapis.com/css?family=Archivo+Narrow%7CArimo%7CBerkshire+Swash%7CBitter%7CComfortaa%7CDancing+Script%7CDosis%7CDroid+Serif%7CFrancois+One%7CGermania+One%7CHammersmith+One%7CIndie+Flower%7CLobster%7CMuli%7CNosifer%7CPT+Sans%7CPT+Sans+Caption%7CPT+Sans+Narrow%7CPacifico%7CQuestrial%7CRoboto+Mono%7CRoboto+Slab%7CSource+Serif+Pro%7CTitillium+Web%7CWork+Sans%7CRubik%3A700i&ver=6.0.2
IP 142.250.74.10:0
Hash 24bea94f2b4e88a18b8e035002b2fcf9
6a13e2df8c0a79124725e851ca26c891b551bbe6
b9451661e27fc825b34256050517cc2719fc7000935a97b00db921378fdf4314
GET /css?family=Archivo+Narrow%7CArimo%7CBerkshire+Swash%7CBitter%7CComfortaa%7CDancing+Script%7CDosis%7CDroid+Serif%7CFrancois+One%7CGermania+One%7CHammersmith+One%7CIndie+Flower%7CLobster%7CMuli%7CNosifer%7CPT+Sans%7CPT+Sans+Caption%7CPT+Sans+Narrow%7CPacifico%7CQuestrial%7CRoboto+Mono%7CRoboto+Slab%7CSource+Serif+Pro%7CTitillium+Web%7CWork+Sans%7CRubik%3A700i&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Sep 2022 20:41:04 GMT
date: Fri, 02 Sep 2022 20:41:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/js/jquery.stellar.js?ver=20150903
35.209.5.247 200 OK 10 kB URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/js/jquery.stellar.js?ver=20150903
IP 35.209.5.247:0
File type ASCII text, with very long lines (310)
Hash 1b403ce4303ae7987b65456b942f5e88
0a12b892bc3df5a6665d2284ac86f5579800e629
f3b7e1666a6c4126771ec0aa124293f3ae3480182ec728d2be9debddfc2f217b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/js/jquery.stellar.js?ver=20150903 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: application/javascript
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
vary: Accept-Encoding
etag: W/"5fecdac6-5af2"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/uploads/2020/12/Untitled-design-24.png
35.209.5.247 200 OK 2.8 MB URL HTTP/2 www.weinsteincounseling.com/wp-content/uploads/2020/12/Untitled-design-24.png
IP 35.209.5.247:0
File type PNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size 2.8 MB (2842539 bytes)
Hash 6650896dbbbac3cfd58f1e052c1cd25e
db45986008bd310fb2b55ef15736b91bf715c25a
45513be18a6ec0c3ce65e0744ef2607541d1cf53b6c8833d0777628a5b39001f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/12/Untitled-design-24.png HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: image/png
content-length: 2842539
last-modified: Thu, 31 Dec 2020 20:19:58 GMT
etag: "5fee326e-2b5fab"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/uploads/2020/12/Untitled-design-19.png
35.209.5.247 200 OK 2.3 MB URL HTTP/2 www.weinsteincounseling.com/wp-content/uploads/2020/12/Untitled-design-19.png
IP 35.209.5.247:0
File type PNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size 2.3 MB (2301204 bytes)
Hash 54b72bd23f6c055aa3cc0187e3a9ce30
f18f714da3e5e5328533fc51e2108c965c1455ec
14b033ab6edbf6bf9e0c72d0e43b1b80c23f876f642dcad696987bd24c8654aa
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/12/Untitled-design-19.png HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: image/png
content-length: 2301204
last-modified: Wed, 30 Dec 2020 20:48:29 GMT
etag: "5fece79d-231d14"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/uploads/2021/01/4P5A3862-1-scaled.jpg
35.209.5.247 200 OK 514 kB URL HTTP/2 www.weinsteincounseling.com/wp-content/uploads/2021/01/4P5A3862-1-scaled.jpg
IP 35.209.5.247:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 2317x2560, components 3\012- data
Size 514 kB (514376 bytes)
Hash 8eb2a50b3ca08c0fb84f415e7d07c082
43f4b53a5007cf470394c659cba4c41a65570c07
21d718bdb24795a9f707d65146be5100d1094b51b229620ee9f464ed63991655
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/01/4P5A3862-1-scaled.jpg HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: image/jpeg
content-length: 514376
last-modified: Wed, 06 Jan 2021 21:33:14 GMT
etag: "5ff62c9a-7d948"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/uploads/2020/12/Untitled-design-23.png
35.209.5.247 200 OK 2.5 MB URL HTTP/2 www.weinsteincounseling.com/wp-content/uploads/2020/12/Untitled-design-23.png
IP 35.209.5.247:0
File type PNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size 2.5 MB (2506259 bytes)
Hash e94a927db63b73f12c0fa8929316e6d8
ac910fc059a02acd61da81e23fbf341711a449f7
b797105174c398873f3e6a237f3d32ccfba1a1ed11711914303a7e5677e9d9b1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/12/Untitled-design-23.png HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: image/png
content-length: 2506259
last-modified: Thu, 31 Dec 2020 20:19:04 GMT
etag: "5fee3238-263e13"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Fri, 02 Sep 2022 18:41:12 GMT
expires: Fri, 02 Sep 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 7194
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/uploads/2020/12/Untitled-design-21.png
35.209.5.247 200 OK 2.1 MB URL HTTP/2 www.weinsteincounseling.com/wp-content/uploads/2020/12/Untitled-design-21.png
IP 35.209.5.247:0
File type PNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size 2.1 MB (2136510 bytes)
Hash c5b08fb01121e0e06cf1299e836d2e8a
3481a16580965225d5a363cab658e4d3171a7235
d1d35a2888841ad5121302ecadb7bb00ab2e1ed9c5eec8780122204b8b75a1ad
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/12/Untitled-design-21.png HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: image/png
content-length: 2136510
last-modified: Wed, 30 Dec 2020 20:49:34 GMT
etag: "5fece7de-2099be"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/uploads/2020/12/cropped-Copy-of-WEINSTEIN-COUNSELING-192x192.png
35.209.5.247 200 OK 9.0 kB URL HTTP/2 www.weinsteincounseling.com/wp-content/uploads/2020/12/cropped-Copy-of-WEINSTEIN-COUNSELING-192x192.png
IP 35.209.5.247:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 0e7b3a0601d0a84b6e6c47154f6bef61
aadb05337790a7f557ca9fcef458bf98a094973c
16cd4e3cf63ad206af7b5b5ab07c436a8d734b57f48071fa4f13928c81f8d290
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/12/cropped-Copy-of-WEINSTEIN-COUNSELING-192x192.png HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:06 GMT
content-type: image/png
content-length: 8999
last-modified: Wed, 30 Dec 2020 20:22:11 GMT
etag: "5fece173-2327"
expires: Sat, 02 Sep 2023 20:41:06 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/uploads/2020/12/cropped-Copy-of-WEINSTEIN-COUNSELING-32x32.png
35.209.5.247 200 OK 855 B URL HTTP/2 www.weinsteincounseling.com/wp-content/uploads/2020/12/cropped-Copy-of-WEINSTEIN-COUNSELING-32x32.png
IP 35.209.5.247:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 5626d05c9fa59c80feb7a5bd7efeaff1
a322c4edf8791ad18407c03bd0f7e091b928a2d0
bafa0a425abd182099717781c36fe71680e84dfdcdc634a0a80b84bf03374839
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/12/cropped-Copy-of-WEINSTEIN-COUNSELING-32x32.png HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:06 GMT
content-type: image/png
content-length: 855
last-modified: Wed, 30 Dec 2020 20:22:11 GMT
etag: "5fece173-357"
expires: Sat, 02 Sep 2023 20:41:06 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
d2wy8f7a9ursnm.cloudfront.net/v7/bugsnag.min.js
143.204.42.226 200 OK 13 kB URL HTTP/1.1 d2wy8f7a9ursnm.cloudfront.net/v7/bugsnag.min.js
IP 143.204.42.226:0
File type Unicode text, UTF-8 text, with very long lines (42625)
Hash 8c5cb7b488cf93fc037a7e9233d614a6
01e8817352fbc9ae24dad92afaecd82cde3e46d9
e2058d0c89669b0169be8e181f4594753fa29a1cf004633d44402d4dcacc60db
GET /v7/bugsnag.min.js HTTP/1.1
Host: d2wy8f7a9ursnm.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spwidget-weinstein-counseling.clientsecure.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Thu, 21 Jul 2022 11:20:51 GMT
Last-Modified: Mon, 20 Jun 2022 10:44:21 GMT
ETag: W/"db1c3dddce5c8b8b9207bd5eba84ceb9"
Cache-Control: public, max-age=315360000
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: K-LXTsOX7KFLvO24I8v7vHXFAb-gYgJOxXN8oU0FMRrOWVY6CaZhpw==
Age: 3748815
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 808a2a2e9e7c055ad5a6ada8e30000e2
5801dd00ba0c20f3370d61837344f44b9ac5e27a
a709e14c5df4f9dea10811899395184be7b81d9af36e550722303b6d665e081e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5271
Cache-Control: max-age=104766
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:41:06 GMT
Etag: "63114c09-1d7"
Expires: Sun, 04 Sep 2022 01:47:12 GMT
Last-Modified: Fri, 02 Sep 2022 00:19:21 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
js.stripe.com/v3/
151.101.84.176 200 OK 81 kB IP 151.101.84.176:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash bd6feda66e74d3ae305959fedcd7c488
a1b1635b1b47052f607f13ac5232674329307b59
744a0a339b358d14c64a6406014f20029917651b8ac208bfeb07405479ed7291
GET /v3/ HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spwidget-weinstein-counseling.clientsecure.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 02 Sep 2022 19:27:28 GMT
etag: "c60bded5fc23fe5642fa6fa5eed6fe25"
cache-control: max-age=60
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Fri, 02 Sep 2022 20:41:06 GMT
via: 1.1 varnish
age: 10
x-request-id: 858995e6-f40c-45be-b2ed-561e5795f437
x-served-by: cache-bma1628-BMA
x-cache: HIT
x-cache-hits: 2
vary: Accept-Encoding
timing-allow-origin: *
content-length: 81054
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ce2156f16ab8495072a5b72410e9d768
a8aaaa657026bf619bbaff2651e28d3ea3d3e2f4
6f4a497b5cdd026895976a5a1c7c3a6264a235b154b617fe011ced24b1b6159b
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6241
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:41:06 GMT
Last-Modified: Fri, 02 Sep 2022 18:57:05 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ssl.kaptcha.com/collect/sdk?m=100218&spa=true
54.148.115.137 200 OK 5.6 kB URL HTTP/1.1 ssl.kaptcha.com/collect/sdk?m=100218&spa=true
IP 54.148.115.137:0
File type ASCII text, with very long lines (5395)
Hash 8869a5cf1b332de498672406758f5127
862b7e7bbbb6da0621ba2d0a1004a1fc5b7427b3
05c2aebdd9318b70ddfe29e01488eeb91f4b8c8b3381db49dc322bbd1fbfb764
GET /collect/sdk?m=100218&spa=true HTTP/1.1
Host: ssl.kaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spwidget-weinstein-counseling.clientsecure.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, private
Content-Type: text/javascript
Expires: 0
P3p: CP=CAO PSA OUR
Pragma: no-cache
Set-Cookie: k=c1eeee1aa5694832abb8abc5b6cb293f; Path=/; Expires=Thu, 01 Dec 2022 20:41:06 GMT; HttpOnly; Secure; SameSite=None
X-Correlation-Id: 1175f56a-435a-42d6-a38b-9292d9f6ea79
Date: Fri, 02 Sep 2022 20:41:06 GMT
Transfer-Encoding: chunked
js.stripe.com/v3/m-outer-e52e635988f6f4658a329b4b948f1007.html
151.101.84.176 200 OK 114 B URL HTTP/2 js.stripe.com/v3/m-outer-e52e635988f6f4658a329b4b948f1007.html
IP 151.101.84.176:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 0ef2768c7b3f72d8f9b2f3f75361aa13
086737961aae695d27853057b8a032f01207db3d
dcc437eabda698d88452ccf517712d1729199a0cc3b3d76168f374499d72cf39
GET /v3/m-outer-e52e635988f6f4658a329b4b948f1007.html HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spwidget-weinstein-counseling.clientsecure.me/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Sep 2022 18:36:32 GMT
etag: "e52e635988f6f4658a329b4b948f1007"
cache-control: max-age=31536000
content-type: text/html; charset=utf-8
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Fri, 02 Sep 2022 20:41:07 GMT
via: 1.1 varnish
age: 7356
x-request-id: 2a25644f-f426-4aa6-9142-94be83da8657
x-served-by: cache-bma1628-BMA
x-cache: HIT
x-cache-hits: 1307
vary: Accept-Encoding
timing-allow-origin: *
content-length: 114
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 727 B IP 93.184.220.29:0
Hash d1b12590751a058023b148a44a38be65
28c220c78b64b845d0e38ad82e0b6a288ea079a3
b4ec62bdfc8b8effe963c5eed5ca46c9d5661d71b49f9522ae8b4172bd7613a0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5067
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:41:07 GMT
Last-Modified: Fri, 02 Sep 2022 19:16:40 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 727
js.stripe.com/v3/fingerprinted/js/m-outer-a0304d3ea31e8647892809f01854788c.js
151.101.84.176 200 OK 256 B URL HTTP/2 js.stripe.com/v3/fingerprinted/js/m-outer-a0304d3ea31e8647892809f01854788c.js
IP 151.101.84.176:0
File type ASCII text, with very long lines (526), with no line terminators
Hash 81235fac06e9d326aeef8b39a495c8ce
ef91fdb8aefe71c4152a8d5d04a932db00039f49
a1dff1e13da8d931f175c206d6d2bedd4989c3b8f338162b35a18eec08840944
GET /v3/fingerprinted/js/m-outer-a0304d3ea31e8647892809f01854788c.js HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/v3/m-outer-e52e635988f6f4658a329b4b948f1007.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Sep 2022 18:36:32 GMT
etag: "d96c709017743c0759cf3853d1806ba5"
cache-control: max-age=60
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Fri, 02 Sep 2022 20:41:07 GMT
via: 1.1 varnish
age: 18
x-request-id: b1968cbd-ad36-45b5-80eb-95dda8212197
x-served-by: cache-bma1628-BMA
x-cache: HIT
x-cache-hits: 7
vary: Accept-Encoding
timing-allow-origin: *
content-length: 256
X-Firefox-Spdy: h2
cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
130.211.5.208 200 OK 17 kB URL HTTP/2 cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
IP 130.211.5.208:0
File type ASCII text, with very long lines (755)
Hash caa762087e9d75cecc34b5d6626cb7b9
fcc68d485c2f42e0f880260c3e104cedf50d0d11
dc0ec55efae4c1f0ff095cf05133cc835e1cc4ff7906d3b7a2d0d86789bfe145
GET /libs/mixpanel-2-latest.min.js HTTP/1.1
Host: cdn.mxpnl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spwidget-weinstein-counseling.clientsecure.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvMktO89lp7aV72LI3-RPserATkc_y3HQfWc37wm7qLLv7QAw0ggtYMRMbSdD_9KA7O7R8nQ_EU12lg0RMpFVKZj32-cBeO
x-goog-generation: 1645129310876382
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 17435
content-encoding: gzip
x-goog-hash: crc32c=PPVzJA==, md5=yqdiCH6ddc7MNLXWYmy3uQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 17435
access-control-allow-origin: *
server: UploadServer
date: Fri, 02 Sep 2022 20:39:57 GMT
expires: Fri, 02 Sep 2022 20:49:57 GMT
cache-control: public,max-age=600
age: 70
last-modified: Thu, 17 Feb 2022 20:21:50 GMT
etag: "caa762087e9d75cecc34b5d6626cb7b9"
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 727 B IP 93.184.220.29:0
Hash d1b12590751a058023b148a44a38be65
28c220c78b64b845d0e38ad82e0b6a288ea079a3
b4ec62bdfc8b8effe963c5eed5ca46c9d5661d71b49f9522ae8b4172bd7613a0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5067
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:41:07 GMT
Last-Modified: Fri, 02 Sep 2022 19:16:40 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 727
m.stripe.network/inner.html
54.230.111.111 200 OK 930 B URL HTTP/2 m.stripe.network/inner.html
IP 54.230.111.111:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (930), with no line terminators
Hash fc2e029628f163bb59adc6fa5a31161c
0f4547ae510d1bf36e3630d41bdab29d64c03d64
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
GET /inner.html HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-length: 930
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
accept-ranges: bytes
server: Cloudfront
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
date: Fri, 02 Sep 2022 20:38:04 GMT
cache-control: max-age=300, public
etag: "fc2e029628f163bb59adc6fa5a31161c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: p5Itu93bE_fTEt9qhowbZ-1mP024bJf1a1sTCfW7QRU8aLTvcYF1LQ==
age: 185
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/js/wow.js
35.209.5.247 200 OK 3.8 kB URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/js/wow.js
IP 35.209.5.247:0
Hash 508652a04820822caa617683a348b01e
90971dc7abfcca7e55357324452d9be884dcc018
0994f6366c6a381aa97dcf741faa4b34495ff4b6467b5aa92cc01b7a42f39291
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/js/wow.js HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: application/javascript
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
vary: Accept-Encoding
etag: W/"5fecdac6-3cbb"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 78cbc09e5ab64fefb04ad8bfdbba16cf
3d4b7675ad826e627a16816d9edb6d5c3e96bb54
5b4428b5cc0017abd2506bfae95727892d92f27e63b8ef50e868fd39b2960c4c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 20:41:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2022 21:47:02 GMT
Expires: Tue, 06 Sep 2022 21:47:01 GMT
Etag: "3d4b7675ad826e627a16816d9edb6d5c3e96bb54"
Cache-Control: max-age=348953,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7449108e4a68b523-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 78cbc09e5ab64fefb04ad8bfdbba16cf
3d4b7675ad826e627a16816d9edb6d5c3e96bb54
5b4428b5cc0017abd2506bfae95727892d92f27e63b8ef50e868fd39b2960c4c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 20:41:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2022 21:47:02 GMT
Expires: Tue, 06 Sep 2022 21:47:01 GMT
Etag: "3d4b7675ad826e627a16816d9edb6d5c3e96bb54"
Cache-Control: max-age=348953,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7449108df9d8b523-OSL
sessions.bugsnag.com/
35.190.88.7 200 OK 0 B IP 35.190.88.7:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS / HTTP/1.1
Host: sessions.bugsnag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Referer: https://spwidget-weinstein-counseling.clientsecure.me/
Origin: https://spwidget-weinstein-counseling.clientsecure.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
date: Fri, 02 Sep 2022 20:41:07 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
35.209.5.247 200 OK 4.5 kB URL HTTP/2 www.weinsteincounseling.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 35.209.5.247:0
File type ASCII text, with very long lines (11126)
Hash 8d1068ba37663bb265db82260ce8de9d
b24ab6c1f860b6c2bc38ceb21b576a7250e7d43f
ccf18e54dfbda85f6e86a1aca85c3a5b7468b8a93e072400d47d136216455df0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: application/javascript
last-modified: Thu, 19 Nov 2020 21:01:14 GMT
vary: Accept-Encoding
etag: W/"5fb6dd1a-2bd8"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
f.convertkit.com/ckjs/ck.5.js
104.18.192.57 200 OK 13 kB URL HTTP/2 f.convertkit.com/ckjs/ck.5.js
IP 104.18.192.57:0
File type Unicode text, UTF-8 text, with very long lines (53700), with no line terminators
Hash 77dc006f9e50cd317012484862e76c90
abeee3b7dc40fc44005c483d2e4446a719e1b74c
08a8c4574f96fe4a96d80963dc88b9991c7e917bd7ceae932589e18001e70be1
GET /ckjs/ck.5.js HTTP/1.1
Host: f.convertkit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.weinsteincounseling.com
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 20:41:05 GMT
content-type: application/javascript; charset=utf-8
x-amz-id-2: oT9uqKdhzMM52BFyvxOyvqqETQaC7ALbsnv8NZaQ+PqODKWELSDmz25dg0xSY+NGDxxko8KW/wA=
x-amz-request-id: ZB1J1XD7QVBEDQ1X
access-control-allow-origin: https://www.weinsteincounseling.com
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Request-Method, ETag
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 19 Oct 2021 14:51:13 GMT
etag: W/"7f6a2b3f8f18a10fb2a520d097324cd7"
cf-cache-status: MISS
expires: Sat, 03 Sep 2022 00:41:05 GMT
cache-control: public, max-age=14400
set-cookie: __cf_bm=gGP2QPpfYl.nC1GPeoe4bqL0TZX52uqTn3pdpHQbZcE-1662151265-0-AfAhtrYGBegiw8M64Cfg6+PoGc1ga9kzOccf4lawOUgIdYsfk1EsJgW5k9LtMAP813NjXQ8gXvPAL9V5+Pt9lc4paELYYhlK29kdgpp8JQQk; path=/; expires=Fri, 02-Sep-22 21:11:05 GMT; domain=.convertkit.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7449107ee86ab517-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/uploads/2021/06/Untitled-design-5-300x102.png
35.209.5.247 200 OK 21 kB URL HTTP/2 www.weinsteincounseling.com/wp-content/uploads/2021/06/Untitled-design-5-300x102.png
IP 35.209.5.247:0
File type PNG image data, 300 x 102, 8-bit/color RGBA, non-interlaced\012- data
Hash 55c97e13286447bfdf1940319725424a
87508f831513c827c64bd7236af15227a2237ad3
54e579072bc8a1afce0fc1013bc047af167a19c555500d90267171dc602cea5f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/06/Untitled-design-5-300x102.png HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Cookie: _ga=GA1.2.1030118061.1662151264; _gid=GA1.2.2017253229.1662151264; _gat_gtag_UA_199815255_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:07 GMT
content-type: image/png
content-length: 21086
last-modified: Fri, 04 Jun 2021 16:52:22 GMT
etag: "60ba5a46-525e"
expires: Sat, 02 Sep 2023 20:41:07 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 78cbc09e5ab64fefb04ad8bfdbba16cf
3d4b7675ad826e627a16816d9edb6d5c3e96bb54
5b4428b5cc0017abd2506bfae95727892d92f27e63b8ef50e868fd39b2960c4c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Sep 2022 20:41:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2022 21:47:02 GMT
Expires: Tue, 06 Sep 2022 21:47:01 GMT
Etag: "3d4b7675ad826e627a16816d9edb6d5c3e96bb54"
Cache-Control: max-age=348953,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7449108fdfe3b515-OSL
www.psychologytoday.com/api/verified-seal/seals/17/profile/838726?callback=sxcallback
99.80.230.152 200 OK 36 kB URL HTTP/2 www.psychologytoday.com/api/verified-seal/seals/17/profile/838726?callback=sxcallback
IP 99.80.230.152:0
File type ASCII text, with very long lines (36195), with no line terminators
Hash 01ec2918c1ea78eb25c15584abb9f09f
db22289c93559b8d7ba4ca4b5e8e0f56832ba511
41373ba4bbdde9e3dc1764d4cf5a5fc3c844e5532e9651552ceda8c4dcf690f0
GET /api/verified-seal/seals/17/profile/838726?callback=sxcallback HTTP/1.1
Host: www.psychologytoday.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 20:41:05 GMT
content-type: application/json
server: Apache/2.4.54 (Amazon)
x-powered-by: PHP/7.0.33
content-encoding: UTF-8
via: 1.1 ZZ
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 5f5cb6a90bdc858e1288b4cf61d90c25
a8d73085826c2d1c4f756153ddbbfc557dc00ecb
03594b20ac940e72a63d5c2a6ea2b5d1fb409d47c04f308c5ec5269489a166b5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4026
Cache-Control: max-age=98090
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:41:08 GMT
Etag: "631136d4-1d7"
Expires: Sat, 03 Sep 2022 23:55:58 GMT
Last-Modified: Thu, 01 Sep 2022 22:48:52 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
sessions.bugsnag.com/
35.190.88.7 202 Accepted 21 B IP 35.190.88.7:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1807ffa1d44e667592a0f91c668ba65b
4d48849fa0f6917c9c57ed958680e9a1e722382b
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
POST / HTTP/1.1
Host: sessions.bugsnag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Bugsnag-Api-Key: cd87d7479ba405250a10f30eb9673844
Bugsnag-Payload-Version: 1
Bugsnag-Sent-At: 2022-09-02T20:41:05.853Z
Content-Length: 435
Origin: https://spwidget-weinstein-counseling.clientsecure.me
Connection: keep-alive
Referer: https://spwidget-weinstein-counseling.clientsecure.me/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 202 Accepted
access-control-allow-origin: *
bugsnag-session-uuid: d22287d0-ca29-4e0c-b5c2-6ec7ca7cae1b
content-type: application/json
date: Fri, 02 Sep 2022 20:41:08 GMT
content-length: 21
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
m.stripe.com/6
54.68.111.231 200 OK 156 B IP 54.68.111.231:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b5748a51051bffb540d09a399d359bc0
5c39c05b8495dddcfc4bd5568e9433254e8022d5
cd4322ba1de0271390f6b6fd590e806842c0ba3bff87da8abbdc1739a66aa75a
POST /6 HTTP/1.1
Host: m.stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2644
Origin: https://m.stripe.network
Connection: keep-alive
Referer: https://m.stripe.network/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:08 GMT
content-length: 156
set-cookie: m=42f4d2cd-37b5-49ad-b9c0-dff7d561ea743714d3;Expires=Sun, 01-Sep-2024 20:41:08 GMT;Secure;HttpOnly; SameSite=None
x-content-type-options: nosniff
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22bc4d5a-9f0a-4b9f-a3a8-5d297d24ea9a.jpeg
34.120.237.76 200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22bc4d5a-9f0a-4b9f-a3a8-5d297d24ea9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b01e38b12bffb2f525351913eaa246cb
b7f8c0db9e2ddc795726b77b8f8f21037611fca8
e06e127b8ab197f09cc1b4a18d643908aef03898e86a80ca5f901865bfdbd5fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22bc4d5a-9f0a-4b9f-a3a8-5d297d24ea9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7174
x-amzn-requestid: 6b46447e-a28e-4ae8-978e-6729da4aff62
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzL6_FraoAMFQIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631126ac-67d9e46104e9215a6f13c224;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: vPQvLQ8_vp4YJKL8eWIgpezOqP_xtwupVgL9ZIUq5udMwJ4TSpGbtA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:48:30 GMT
age: 82361
etag: "b7f8c0db9e2ddc795726b77b8f8f21037611fca8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
spwidget-weinstein-counseling.clientsecure.me/widget/unavailable?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=662176
34.218.29.25 200 OK 0 B URL HTTP/2 spwidget-weinstein-counseling.clientsecure.me/widget/unavailable?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=662176
IP 34.218.29.25:0
GET /widget/unavailable?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=662176 HTTP/1.1
Host: spwidget-weinstein-counseling.clientsecure.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.weinsteincounseling.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 20:41:05 GMT
content-type: text/html; charset=utf-8
server: nginx
vary: Accept-Encoding
location: /widget/unavailable?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=662176
set-cookie: client-portal-session-expiration_time=86400; expires=Sat, 03 Sep 2022 20:41:05 GMT; path=/
etag: W/"785c4-K9HzQPVGfdlnnAGFQMUZ5s2UxvY"
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/js/nivo-lightbox.js?ver=20150903
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/js/nivo-lightbox.js?ver=20150903
IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/js/nivo-lightbox.js?ver=20150903 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: application/javascript
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
vary: Accept-Encoding
etag: W/"5fecdac6-35e0"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/js/superfish.js?ver=20150903
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/js/superfish.js?ver=20150903
IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/js/superfish.js?ver=20150903 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: application/javascript
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
vary: Accept-Encoding
etag: W/"5fecdac6-1b3f"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/js/total-custom.js?ver=20150903
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/js/total-custom.js?ver=20150903
IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/js/total-custom.js?ver=20150903 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: application/javascript
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
vary: Accept-Encoding
etag: W/"5fecdac6-1d49"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.weinsteincounseling.com/
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/
IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-cache-enabled: True
x-pingback: https://www.weinsteincounseling.com/xmlrpc.php
link: <https://www.weinsteincounseling.com/wp-json/>; rel="https://api.w.org/", <https://www.weinsteincounseling.com/wp-json/wp/v2/pages/4>; rel="alternate"; type="application/json", <https://www.weinsteincounseling.com/>; rel=shortlink
x-httpd: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
m.stripe.network/out-4.5.42.js
54.230.111.111 200 OK 0 B URL HTTP/2 m.stripe.network/out-4.5.42.js
IP 54.230.111.111:0
GET /out-4.5.42.js HTTP/1.1
Host: m.stripe.network
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.stripe.network/inner.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Fri, 02 Sep 2022 20:41:07 GMT
cache-control: max-age=300, public
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XaV2e_v5d8NR2NumPBP2faI0uZoQ90gQulO91C0IfNirkebrG5p4nQ==
age: 1
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/js/bootstrap.min.js
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/js/bootstrap.min.js
IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/js/bootstrap.min.js HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: application/javascript
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
vary: Accept-Encoding
etag: W/"5fecdac6-8c6f"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/css/font-awesome.css?ver=4.4.0
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/css/font-awesome.css?ver=4.4.0
IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/css/font-awesome.css?ver=4.4.0 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: text/css
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
vary: Accept-Encoding
etag: W/"5fecdac6-8926"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/css-new/templete.css?ver=1.3.3
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/css-new/templete.css?ver=1.3.3
IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/css-new/templete.css?ver=1.3.3 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: text/css
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
vary: Accept-Encoding
etag: W/"5fecdac6-1395b"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/plugins/convertkit/resources/frontend/js/convertkit.js?ver=1.9.8.1
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-content/plugins/convertkit/resources/frontend/js/convertkit.js?ver=1.9.8.1
IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/convertkit/resources/frontend/js/convertkit.js?ver=1.9.8.1 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: application/javascript
last-modified: Mon, 18 Jul 2022 20:49:46 GMT
vary: Accept-Encoding
etag: W/"62d5c76a-1824"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/js/jquery.nav.js?ver=20160903
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/js/jquery.nav.js?ver=20160903
IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/js/jquery.nav.js?ver=20160903 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: application/javascript
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
vary: Accept-Encoding
etag: W/"5fecdac6-14ba"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/js/customscripts.js?ver=6.0.2
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/js/customscripts.js?ver=6.0.2
IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/js/customscripts.js?ver=6.0.2 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: application/javascript
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
vary: Accept-Encoding
etag: W/"5fecdac6-1093"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
weinsteincounseling.com/
35.209.5.247 301 Moved Permanently 0 B IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 02 Sep 2022 20:41:03 GMT
content-type: text/html; charset=UTF-8
location: https://www.weinsteincounseling.com/
x-cache-enabled: True
x-pingback: https://www.weinsteincounseling.com/xmlrpc.php
x-redirect-by: WordPress
x-httpd: 1
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache: MISS
x-proxy-cache-info: 0301 NC:000000 UP:
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/css/colorbox.css?ver=4.1.2
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/css/colorbox.css?ver=4.1.2
IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/css/colorbox.css?ver=4.1.2 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: text/css
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
vary: Accept-Encoding
etag: W/"5fecdac6-11f5"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/css/owl.carousel.min.css?ver=1.3.3
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/css/owl.carousel.min.css?ver=1.3.3
IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/css/owl.carousel.min.css?ver=1.3.3 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: text/css
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
vary: Accept-Encoding
etag: W/"5fecdac6-d17"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/js/main.js?ver=20150903
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/js/main.js?ver=20150903
IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/js/main.js?ver=20150903 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: application/javascript
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
vary: Accept-Encoding
etag: W/"5fecdac6-512c"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
widget-cdn.simplepractice.com/assets/integration-1.0.js
143.204.55.71 200 OK 0 B URL HTTP/2 widget-cdn.simplepractice.com/assets/integration-1.0.js
IP 143.204.55.71:0
GET /assets/integration-1.0.js HTTP/1.1
Host: widget-cdn.simplepractice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
last-modified: Mon, 29 Aug 2022 23:22:21 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
date: Fri, 02 Sep 2022 20:39:47 GMT
cache-control: max-age=3600, public
etag: W/"e27e16182873f63a2c49853111f0985a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: LFjYXDfKv_2W4oG9xwUv94ns6l9KuBCdNWgrw9aB0_BRuq8DfpDuCg==
age: 2281
X-Firefox-Spdy: h2
krystan-rose.ck.page/47112975da/index.js
104.18.139.47 200 OK 0 B URL HTTP/2 krystan-rose.ck.page/47112975da/index.js
IP 104.18.139.47:0
GET /47112975da/index.js HTTP/1.1
Host: krystan-rose.ck.page
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: application/javascript; charset=utf-8
cache-control: no-cache
last-modified: Thu, 31 Dec 2020 19:52:33 GMT
etag: W/"0d5f4bad9cccd18e76f7964bb7de51f3"
access-control-allow-origin: *
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 744910789d4eb524-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/css/superfish.css?ver=1.3.3
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/css/superfish.css?ver=1.3.3
IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/css/superfish.css?ver=1.3.3 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: text/css
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
vary: Accept-Encoding
etag: W/"5fecdac6-30f"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/css/owl.theme.default.min.css?ver=1.3.3
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/css/owl.theme.default.min.css?ver=1.3.3
IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/css/owl.theme.default.min.css?ver=1.3.3 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: text/css
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
vary: Accept-Encoding
etag: W/"5fecdac6-3f5"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 35.209.5.247:0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: application/javascript
last-modified: Sun, 25 Jul 2021 05:28:07 GMT
vary: Accept-Encoding
etag: W/"60fcf667-15db1"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/js/SmoothScroll.js?ver=20160809
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/js/SmoothScroll.js?ver=20160809
IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/js/SmoothScroll.js?ver=20160809 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: application/javascript
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
vary: Accept-Encoding
etag: W/"5fecdac6-504b"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 35.209.5.247:0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: text/css
last-modified: Mon, 18 Jul 2022 16:34:51 GMT
vary: Accept-Encoding
etag: W/"62d58bab-15b64"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/style.css?ver=6.0.2
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/style.css?ver=6.0.2
IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/style.css?ver=6.0.2 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: text/css
last-modified: Fri, 08 Jan 2021 06:49:13 GMT
vary: Accept-Encoding
etag: W/"5ff80069-3b154"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/js/jquery.bxslider.js?ver=4.1.2
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/js/jquery.bxslider.js?ver=4.1.2
IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/js/jquery.bxslider.js?ver=4.1.2 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: application/javascript
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
vary: Accept-Encoding
etag: W/"5fecdac6-c58d"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/js/slider.js?ver=1.1
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/js/slider.js?ver=1.1
IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/js/slider.js?ver=1.1 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: application/javascript
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
vary: Accept-Encoding
etag: W/"5fecdac6-67e"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
weinstein-counseling.clientsecure.me/widget-redirect?scopeId=177cf4f5-fd91-485c-99eb-d6217dd95d18&scopeGlobal=true&applicationId=7c72cb9f9a9b913654bb89d6c7b4e71a77911b30192051da35384b4d0c6d505b&appearance=%7B%22fullScreen%22%3Atrue%7D
34.218.29.25 302 Found 0 B URL HTTP/2 weinstein-counseling.clientsecure.me/widget-redirect?scopeId=177cf4f5-fd91-485c-99eb-d6217dd95d18&scopeGlobal=true&applicationId=7c72cb9f9a9b913654bb89d6c7b4e71a77911b30192051da35384b4d0c6d505b&appearance=%7B%22fullScreen%22%3Atrue%7D
IP 34.218.29.25:0
GET /widget-redirect?scopeId=177cf4f5-fd91-485c-99eb-d6217dd95d18&scopeGlobal=true&applicationId=7c72cb9f9a9b913654bb89d6c7b4e71a77911b30192051da35384b4d0c6d505b&appearance=%7B%22fullScreen%22%3Atrue%7D HTTP/1.1
Host: weinstein-counseling.clientsecure.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 02 Sep 2022 20:41:05 GMT
content-type: text/html; charset=utf-8
location: https://spwidget-weinstein-counseling.clientsecure.me/widget/unavailable?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=662176
status: 302 Found
cache-control: no-store
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
pragma: no-cache
x-xss-protection: 1; mode=block
x-request-id: 756e4bea-bed4-4030-bc1b-2606942671a9
x-download-options: noopen
x-runtime: 0.009130
x-frame-options: SAMEORIGIN
expires: Fri, 01 Jan 1990 00:00:00 GMT
x-powered-by: Phusion Passenger(R) Enterprise
server: nginx + Phusion Passenger(R)
x-content-type-options: nosniff, nosniff
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,700&display=swap
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,700&display=swap
IP 142.250.74.10:0
GET /css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;1,100;1,200;1,300;1,400;1,500;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Sep 2022 20:41:04 GMT
date: Fri, 02 Sep 2022 20:41:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/js/owl.carousel.js?ver=1.3.3
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/js/owl.carousel.js?ver=1.3.3
IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/js/owl.carousel.js?ver=1.3.3 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: application/javascript
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
vary: Accept-Encoding
etag: W/"5fecdac6-1ac95"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: application/javascript
last-modified: Sun, 14 Jun 2020 05:23:28 GMT
vary: Accept-Encoding
etag: W/"5ee5b450-15fd"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/js/isotope.pkgd.js?ver=20150903
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/js/isotope.pkgd.js?ver=20150903
IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/js/isotope.pkgd.js?ver=20150903 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: application/javascript
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
vary: Accept-Encoding
etag: W/"5fecdac6-1c3ff"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/css/nivo-lightbox.css?ver=1.3.3
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/css/nivo-lightbox.css?ver=1.3.3
IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/css/nivo-lightbox.css?ver=1.3.3 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: text/css
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
vary: Accept-Encoding
etag: W/"5fecdac6-2126"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/js/odometer.js?ver=20150903
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/js/odometer.js?ver=20150903
IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/js/odometer.js?ver=20150903 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: application/javascript
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
vary: Accept-Encoding
etag: W/"5fecdac6-52d7"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/css/style.min.css?ver=1.3.3
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/css/style.min.css?ver=1.3.3
IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/css/style.min.css?ver=1.3.3 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: text/css
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
vary: Accept-Encoding
etag: W/"5fecdac6-e45e"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/plugins/convertkit/resources/frontend/css/broadcasts.css?ver=1.9.8.1
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-content/plugins/convertkit/resources/frontend/css/broadcasts.css?ver=1.9.8.1
IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/convertkit/resources/frontend/css/broadcasts.css?ver=1.9.8.1 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: text/css
last-modified: Mon, 18 Jul 2022 20:49:46 GMT
vary: Accept-Encoding
etag: W/"62d5c76a-587"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/css/owl.theme.css?ver=1.3.3
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/css/owl.theme.css?ver=1.3.3
IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/css/owl.theme.css?ver=1.3.3 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: text/css
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
vary: Accept-Encoding
etag: W/"5fecdac6-688"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/plugins/convertkit/resources/frontend/js/broadcasts.js?ver=1.9.8.1
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-content/plugins/convertkit/resources/frontend/js/broadcasts.js?ver=1.9.8.1
IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/convertkit/resources/frontend/js/broadcasts.js?ver=1.9.8.1 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: application/javascript
last-modified: Mon, 18 Jul 2022 20:49:46 GMT
vary: Accept-Encoding
etag: W/"62d5c76a-9bf"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
widget-cdn.simplepractice.com/assets/vendor-8d262edc5d04d8f189103f6ba2623a80.js
143.204.55.71 200 OK 0 B URL HTTP/2 widget-cdn.simplepractice.com/assets/vendor-8d262edc5d04d8f189103f6ba2623a80.js
IP 143.204.55.71:0
GET /assets/vendor-8d262edc5d04d8f189103f6ba2623a80.js HTTP/1.1
Host: widget-cdn.simplepractice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://spwidget-weinstein-counseling.clientsecure.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 29 Aug 2022 23:22:58 GMT
last-modified: Mon, 29 Aug 2022 23:22:16 GMT
etag: W/"a68e117baef2c57b6e51a49d4593bfc7"
x-amz-server-side-encryption: AES256
cache-control: max-age=63072000, public
expires: Tue, 01 Jan 2030 00:00:00 GMT
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: C0nt6A0dB904GTNIkW6jiqJNR9bZZTk0KsIrqRcmspQSaSqhyRTu-g==
age: 335889
X-Firefox-Spdy: h2
use.fontawesome.com/18a9c36ed1.css
172.67.169.247 200 OK 0 B URL HTTP/2 use.fontawesome.com/18a9c36ed1.css
IP 172.67.169.247:0
GET /18a9c36ed1.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: text/css
x-amz-id-2: f20oWGeFLfaVIZfpWI+F9ZwkCE958NOPtstZHk2STD8wABqF0G7mdXXe4GpFQ30P7RtQIB+wHIc=
x-amz-request-id: MBM0JNG02HNMR8D2
last-modified: Wed, 30 Jun 2021 17:06:08 GMT
etag: W/"0d23c246d61e1af500f3c1f297bac576"
cache-control: max-age=1800
cf-cache-status: HIT
age: 6761
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pCO0%2FkkICJ8qIOLDmV1VvsIPpdy8pJC2zcV91Yb4Xzpnj6UFl8um838XpTmQQMi5upVEzc4zUNIC1CAjZ0bTvpjli46e18VZrNGV3V9Kc9yyabidZS0A1ZKTU3nkN28bgnTd7o0R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 744910788d2ab524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/js/wow.js?ver=20150903
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/js/wow.js?ver=20150903
IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/js/wow.js?ver=20150903 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: application/javascript
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
vary: Accept-Encoding
etag: W/"5fecdac6-3cbb"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/css/animate.css?ver=1.0
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/css/animate.css?ver=1.0
IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/css/animate.css?ver=1.0 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: text/css
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
vary: Accept-Encoding
etag: W/"5fecdac6-11498"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2
www.weinsteincounseling.com/wp-content/themes/Archive/js/waypoint.js?ver=20150903
35.209.5.247 200 OK 0 B URL HTTP/2 www.weinsteincounseling.com/wp-content/themes/Archive/js/waypoint.js?ver=20150903
IP 35.209.5.247:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Archive/js/waypoint.js?ver=20150903 HTTP/1.1
Host: www.weinsteincounseling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.weinsteincounseling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:41:04 GMT
content-type: application/javascript
last-modified: Wed, 30 Dec 2020 19:53:42 GMT
vary: Accept-Encoding
etag: W/"5fecdac6-448c"
expires: Sat, 02 Sep 2023 20:41:04 GMT
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br
X-Firefox-Spdy: h2