firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 17 Sep 2022 09:39:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: T4q1GBa1nhiT6Vw4Os6rgVGgdVSSLxlTgsK3M7SfMHY6DU-cm8PrFg==
Age: 3462
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 96daaf84cd2c07756756caf7a2724a29
d24d47c68eec98d44bf341dab9d893df97103e1a
fef9ce9f75ec19e7ae2ccbffb6654db2473a2b4acc94c1b4303e5ec24149465f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FEF9CE9F75EC19E7AE2CCBFFB6654DB2473A2B4ACC94C1B4303E5EC24149465F"
Last-Modified: Thu, 15 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3551
Expires: Sat, 17 Sep 2022 11:36:28 GMT
Date: Sat, 17 Sep 2022 10:37:17 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 17 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4it3MO3BzScgKsXi2vDgvhKVpIj2S6RwtaB8tyg2VSivoqBQoJolWA==
age: 25595
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:17 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 17 Sep 2022 10:03:22 GMT
Cache-Control: max-age=3600
Expires: Sat, 17 Sep 2022 10:10:39 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bzxX0LcvrCFNL_IcWGvHFARZ8pS1oujlQCrvKND5T1n0P_rEwxi3cQ==
Age: 2035
michaelshapiromusic.com/postaubree/login/login.php
192.124.249.35 301 Moved Permanently 0 B URL HTTP/1.1 michaelshapiromusic.com/postaubree/login/login.php
IP 192.124.249.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /postaubree/login/login.php HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: Sucuri/Cloudproxy
Date: Sat, 17 Sep 2022 10:37:17 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Sucuri-ID: 19035
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Redirect-By: WordPress
Set-Cookie: PHPSESSID=6488fa5c9fd85d2ca7201f193f0bcae2; path=/
Location: https://michaelshapiromusic.com/postaubree/login/login.php
Vary: Accept-Encoding
X-Sucuri-Cache: BYPASS
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9bf3402af9fef57aa11ffe2943728de4
a3a443aab8226d212be9698623717dd06e46c720
54987a5417af4a99d78532e502cf4685dd3372c1e9f717a8907f3d2b7c8926eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6026
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 10:37:18 GMT
Last-Modified: Sat, 17 Sep 2022 08:56:52 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.godaddy.com/
192.124.249.23 200 OK 1.8 kB IP 192.124.249.23:0
Hash bb80ff60ea43c897649593b8c9814359
98f5d1dc93a9b45a1833455984b8c737660efd13
e67d75dc63a0eade098c95df82d8db1c71b97f00958e333bd646ec5546b7c738
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 17 Sep 2022 10:37:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 16 Sep 2022 20:36:44 GMT
Expires: Sat, 17 Sep 2022 20:36:44 GMT
ETag: "98f5d1dc93a9b45a1833455984b8c737660efd13"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
push.services.mozilla.com/
52.43.61.95 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.61.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YNCqcBdK3FCwuQ9zXIyF3A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: t6V0m+uRxlkteLsYbXGV089addk=
michaelshapiromusic.com/postaubree/login/login.php
192.124.249.35 404 Not Found 14 kB URL HTTP/2 michaelshapiromusic.com/postaubree/login/login.php
IP 192.124.249.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (12063), with CRLF, LF line terminators
Hash b33ad15b50db9b65f72ce9df3585b763
c165daaf63372e6141749641e5c259e73b7154f3
5aaca37ca0f384d08c8719e26c106bae87302539099428607b3e641cf86d910d
Analyzer Verdict Alert fortinet Malware
GET /postaubree/login/login.php HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
server: nginx
date: Sat, 17 Sep 2022 10:37:19 GMT
content-type: text/html; charset=UTF-8
content-length: 14235
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://michaelshapiromusic.com/wp-json/>; rel="https://api.w.org/"
set-cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4; path=/
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: BYPASS
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
192.124.249.35 200 OK 30 kB URL HTTP/2 michaelshapiromusic.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 192.124.249.35:0
File type ASCII text, with very long lines (65447)
Hash d5935cacfd471ce64891335a0e163f0f
883b406801168b978994e8d8c7f252a31321cf61
caea13ed31fcdedf7f54e2383e8a64c1d86d6767c11f227c046ab2952a7d3ce9
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:19 GMT
content-type: application/javascript
content-length: 30310
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
etag: "8e00119-15db1-5bd3006388300-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
192.124.249.35 200 OK 4.0 kB URL HTTP/2 michaelshapiromusic.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 192.124.249.35:0
File type ASCII text, with very long lines (11126)
Hash 1fbb59519536e28eeb7ae7173973c39f
f6542c5d0f96f621eea4f3cb442021dfe33863fa
b1b54befd52c3605721bf8b5a6c0290c572929138358738826873751256b191c
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:19 GMT
content-type: application/javascript
content-length: 3998
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
etag: "8e0010b-2bd8-5b45debe27b80-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.3.9
192.124.249.35 200 OK 46 kB URL HTTP/2 michaelshapiromusic.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.3.9
IP 192.124.249.35:0
File type ASCII text, with very long lines (42889)
Hash 67abfa56c95b5f800859cbd80d7e1cbb
c03cc5106bf1a30db346a54e3744bc021cfbcbcc
a20be905785bbcf466b27cb1031be21c1ecc6f8002cb709ffbc7b09a40d24f1b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.3.9 HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:19 GMT
content-type: application/javascript
content-length: 45518
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 22 Feb 2022 19:50:04 GMT
etag: "8ec2a86-1e519-5d8a0a7be1b43-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
192.124.249.35 200 OK 4.6 kB URL HTTP/2 michaelshapiromusic.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 192.124.249.35:0
File type ASCII text, with very long lines (15660)
Hash a0083d25b89ea80ecd2393db9f865d62
24eaf2df7c722fb13f2b5bf77ada5ee446720c25
f7533cb93f2efbb9e3bccfa9ff4036a2cafa7dd1bd4d66bea4833306b321e957
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:19 GMT
content-type: application/javascript
content-length: 4614
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
etag: "8dc153e-48b9-5dc6eb878efc0-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-includes/js/underscore.min.js?ver=1.13.3
192.124.249.35 200 OK 7.2 kB URL HTTP/2 michaelshapiromusic.com/wp-includes/js/underscore.min.js?ver=1.13.3
IP 192.124.249.35:0
File type ASCII text, with very long lines (18876)
Hash f50c037d9600f4800b12c7c1887ce481
9dca5e090fdd523d92df2af5670ba510193c2acd
7e089b45b49183b8981f2ffa13ca9209599b91abb84c17c222fc15f75e644547
GET /wp-includes/js/underscore.min.js?ver=1.13.3 HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:19 GMT
content-type: application/javascript
content-length: 7198
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 27 Apr 2022 14:39:21 GMT
etag: "8dc1467-49df-5dda3c65dd840-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
192.124.249.35 200 OK 6.6 kB URL HTTP/2 michaelshapiromusic.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 192.124.249.35:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 7af971b915fcd158098937a176c574b7
66a2017e6b32b1affc1399a8fc0e9091c02f1736
08e49238ac48a6c9e29e53fb2180197bbb0cf4d5f4c16d2b2672a04b4aa122ff
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:19 GMT
content-type: application/javascript
content-length: 6646
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: "8e00197-50eb-5dc2a2438e980-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/d3@5/dist/d3.min.js
151.101.85.229 200 OK 82 kB URL HTTP/2 cdn.jsdelivr.net/npm/d3@5/dist/d3.min.js
IP 151.101.85.229:0
File type C source, ASCII text, with very long lines (65480)
Hash 1943e5d763eefadd75813d3c163b2319
c148dae37b69a6a04d021c8a4412a7006bf15900
ce269b56ec529a7ce59e3978ee1e46326910a2d0b2175d6a24a5cd0a0bd066c8
GET /npm/d3@5/dist/d3.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.16.0
x-jsd-version-type: version
etag: W/"3c9fa-sIUFUQtxluB6ZBli3anAsQTrylg"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 17 Sep 2022 10:37:19 GMT
age: 29153
x-served-by: cache-fra19171-FRA, cache-bma1649-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 81476
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
192.124.249.35 200 OK 1.0 kB URL HTTP/2 michaelshapiromusic.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
IP 192.124.249.35:0
File type ASCII text, with very long lines (3233)
Hash 203bcd93bebe94c45d235a464a3e5022
9833ef2c65c89d41b757f61bc28910a848fbda59
4025ab8dc13843487e74f8679a9eebf1d8af707265e0d8bb58f52988647739d8
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:19 GMT
content-type: application/javascript
content-length: 1001
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: "8e001c1-d53-5dc2a2438e980-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1
192.124.249.35 200 OK 3.0 kB URL HTTP/2 michaelshapiromusic.com/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1
IP 192.124.249.35:0
File type ASCII text, with very long lines (10572)
Hash ef27e0a7c1f9bb777e88885d3e096526
22d5f13aa4a6e939a91df57289220f6192096c70
bcb7408432ade4e98398aafdcba3599b9e8ce63e9556d6c1e7029af69b5e6307
GET /wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1 HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:19 GMT
content-type: application/javascript
content-length: 3004
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: "8e0036b-29ff-5dc2a2438e980-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
192.124.249.35 200 OK 36 kB URL HTTP/2 michaelshapiromusic.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
IP 192.124.249.35:0
File type ASCII text, with very long lines (65266)
Hash 7204ebed6f104585c281e528b070478f
ebd05ae28110ade913d05be324f26f770998a1ba
bfd7c71bfc74664bb5613fa9afb1443ed67c0c1ca57402dc8ecb121ae1c50cb4
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16 HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:19 GMT
content-type: application/javascript
content-length: 35851
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
etag: "8e00392-267aa-5b075c75d5c80-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.2
192.124.249.35 200 OK 479 B URL HTTP/2 michaelshapiromusic.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.2
IP 192.124.249.35:0
File type ASCII text, with very long lines (1191), with no line terminators
Hash cc6e4bb0d08a7af642fb5d7d360b2417
81f2d45689b987e71e986648e1a0547cd62dee88
04e59d9a464d53fecbccadfb29b17f093d9495c32fc6fb2c4f0ec4c4d9300038
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.0.2 HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:19 GMT
content-type: application/javascript
content-length: 479
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: "8e00380-4a7-5dc2a2438e980-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-content/themes/sonaar/classic-menu/js/classic.min.js?ver=4.24.1
192.124.249.35 200 OK 1.5 kB URL HTTP/2 michaelshapiromusic.com/wp-content/themes/sonaar/classic-menu/js/classic.min.js?ver=4.24.1
IP 192.124.249.35:0
File type ASCII text, with very long lines (6773), with no line terminators
Hash 6750366f129b56980c7a7ca01436150c
3fcca52de0919d8eec704aa202525d1a41c39878
655845c91e4694cd8fa41e5329b2316f6363c703be75c3dc39965fab59e709ca
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/sonaar/classic-menu/js/classic.min.js?ver=4.24.1 HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:19 GMT
content-type: application/javascript
content-length: 1545
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 10 Sep 2022 09:57:58 GMT
etag: "8ec151b-1a75-5e84fb2895b68-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-includes/js/wp-util.min.js?ver=6.0.2
192.124.249.35 200 OK 647 B URL HTTP/2 michaelshapiromusic.com/wp-includes/js/wp-util.min.js?ver=6.0.2
IP 192.124.249.35:0
File type ASCII text, with very long lines (1305)
Hash 2a76be55e22646ae466bdf7f7b9547f3
9a36bc2691e2bd04a08858a234d017ac87e74745
38aa38eaeb3a904f34a2761068fddf3dc02cce608c7a07c3f45413bd6b378174
GET /wp-includes/js/wp-util.min.js?ver=6.0.2 HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:19 GMT
content-type: application/javascript
content-length: 647
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 25 Jun 2021 14:50:58 GMT
etag: "8dc146f-53c-5c59844787880-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-includes/js/backbone.min.js?ver=1.4.1
192.124.249.35 200 OK 7.7 kB URL HTTP/2 michaelshapiromusic.com/wp-includes/js/backbone.min.js?ver=1.4.1
IP 192.124.249.35:0
File type ASCII text, with very long lines (23894)
Hash 19ef391117c66ab4a55dd814c7c89632
47519cf5089722ea1456e47b32c8b6934f5c75a8
d8bbe89341e354c0ea581a07d3b22573381088215ad821195afa24ef059a974a
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/backbone.min.js?ver=1.4.1 HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:19 GMT
content-type: application/javascript
content-length: 7726
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 12 Apr 2022 17:17:22 GMT
etag: "8dc153c-5d79-5dc783bdbcc80-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-includes/js/mediaelement/wp-playlist.min.js?ver=6.0.2
192.124.249.35 200 OK 1.0 kB URL HTTP/2 michaelshapiromusic.com/wp-includes/js/mediaelement/wp-playlist.min.js?ver=6.0.2
IP 192.124.249.35:0
File type ASCII text, with very long lines (3431), with no line terminators
Hash eb3d2621822a24ae1bfe2b27ce1beba8
831125f79cb3e6c67d4c96f98312e3885911683d
31429841ffa96cd713355e8d31f0998a824d3be8b3a56989f39c224f6c4741c1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/wp-playlist.min.js?ver=6.0.2 HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:19 GMT
content-type: application/javascript
content-length: 1009
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 05 Oct 2019 19:49:10 GMT
etag: "8e00385-d67-5942f1cbbd980-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-content/plugins/themify-audio-dock/assets/scripts.js?ver=2.0.2
192.124.249.35 200 OK 282 B URL HTTP/2 michaelshapiromusic.com/wp-content/plugins/themify-audio-dock/assets/scripts.js?ver=2.0.2
IP 192.124.249.35:0
File type ASCII text, with CRLF line terminators
Hash ef007f7e4d705c42cb20396bb76404a0
6c16e32d1c2953930befd1cbf5bacf27abe014a2
3ef3a511abe8221ed9514b692e3d5b3b930e51b4d35a6006b4cc67ced5e97a51
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/themify-audio-dock/assets/scripts.js?ver=2.0.2 HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:19 GMT
content-type: application/javascript
content-length: 282
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 22 Feb 2022 19:42:11 GMT
etag: "8ec0e10-27f-5d8a08b8e8dda-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-content/themes/sonaar/dist/js/sonaar.scripts.min.js?ver=4.24.1
192.124.249.35 200 OK 82 kB URL HTTP/2 michaelshapiromusic.com/wp-content/themes/sonaar/dist/js/sonaar.scripts.min.js?ver=4.24.1
IP 192.124.249.35:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a53f8210840da02d360bf5e1662399ab
0c243d2bc47fad89defebbf8fd4e2e3139570248
8180fd53ef1b2ff57ead36d40adbcf36727e42c9f803723098938accc38dd09f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/sonaar/dist/js/sonaar.scripts.min.js?ver=4.24.1 HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:19 GMT
content-type: application/javascript
content-length: 81705
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 10 Sep 2022 09:56:49 GMT
etag: "8de00c0-42e94-5e84fae5f086a-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
192.124.249.35 200 OK 11 kB URL HTTP/2 michaelshapiromusic.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 192.124.249.35:0
File type ASCII text, with very long lines (43771)
Hash 069a79d16ded6a02071f286cd2025c44
dd5970e01b8a10dadcf074f72a1c8095f25e947a
78261bccee805c6913bf7e23e2e25314f05f690300a77a40ca36e1e516b20203
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:19 GMT
content-type: text/css
content-length: 10912
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
etag: "8dc055e-15b64-5e2f99fa9e940-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: EXPIRED
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 04afa1ea86e9813270f8ce799afa7a76
3d5902a998cde5ea7b052a21c534f083b7e6b75b
7b7f40e8875b94353d482920274bcbcbe0b49b4b36cdbd8020fd30ebd6f85935
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 17 Sep 2022 10:37:19 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "4F13D0E3175BB573AB2F95485724503F9BFD731D"
Expires: Sat, 17 Sep 2022 22:00:00 GMT
Last-Modified: Sat, 17 Sep 2022 10:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 204
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74c134b58dceb4f7-OSL
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6962
Expires: Sat, 17 Sep 2022 12:33:21 GMT
Date: Sat, 17 Sep 2022 10:37:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6962
Expires: Sat, 17 Sep 2022 12:33:21 GMT
Date: Sat, 17 Sep 2022 10:37:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6962
Expires: Sat, 17 Sep 2022 12:33:21 GMT
Date: Sat, 17 Sep 2022 10:37:19 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6962
Expires: Sat, 17 Sep 2022 12:33:21 GMT
Date: Sat, 17 Sep 2022 10:37:19 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48175642-3cf3-4778-a740-c2b7f09853e1.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48175642-3cf3-4778-a740-c2b7f09853e1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c1898b54c79423102c5bd010ac7b1220
beba56afde25abd753d162aaaa95b5e01ba60fb6
b93af660bef22579c03f943df26147b9e364915eaf011464d6891331138a2b6b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48175642-3cf3-4778-a740-c2b7f09853e1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7465
x-amzn-requestid: 658c3d9d-1527-4126-8639-1e9701ddcda9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ybve0FbpIAMFhhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63215f91-7ac260200d96b950512fe55f;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 04:58:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DFstleiMhGKuPQv-fvlL7TcuhlK6F5tg9j6bOD71i7gL5hvyMW5mOA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:54:56 GMT
age: 45743
etag: "beba56afde25abd753d162aaaa95b5e01ba60fb6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7a22ab7dcdf50f4a297b8e117d336eae
e139a0974317212f094fdbe59e26ca5cf6b9e56d
9b4c23c1bb2e4fcd140ce34bf83f315f09b45202c569cb74113c2e65c4031dcd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7788
x-amzn-requestid: 2cb48f87-8b72-4ff7-b041-a6e704b854a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIP2-HFHoAMFssA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6319935f-693e2f2e5a0bcd9f690f21fa;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 07:01:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 65YRttsQYzjUMMZXrtAFPdgTPNQuRGnLFliXrcoc24iQgrdBCHolNQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 22:31:11 GMT
age: 43568
etag: "e139a0974317212f094fdbe59e26ca5cf6b9e56d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69ca046c-b383-4d64-aef3-fafc193a3eed.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69ca046c-b383-4d64-aef3-fafc193a3eed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 20b6a1689323aa27849ac54176654806
08017e213e903a82b82317bac58ae50383a87123
d3c8c0bcab34e2c113d560b8d3c60c182a8a795d6b69eee9755fde06fa288f46
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69ca046c-b383-4d64-aef3-fafc193a3eed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8096
x-amzn-requestid: a9b5fa0b-d412-4550-91fd-49381f23f4f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ykz08EV_oAMFi8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6325001f-456439382bf54272363163c5;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 23:00:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4qi3-PsEx6EVPq3Bkg6i3ZAeOhW1MSHiJ3sXinuL3mOmp1TOfNjguA==
via: 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 04:50:58 GMT
age: 20781
etag: "08017e213e903a82b82317bac58ae50383a87123"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50373a4c-fa87-4ca5-b0b7-67ee2f12abd1.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50373a4c-fa87-4ca5-b0b7-67ee2f12abd1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f108cfb79dd8405677b7406910d11ba5
5ef30af418df5e44a0927361b679b8117c38c473
b4b973702c6c98eaf28345b019c8cf022e8056e07f508e17d156c9e136f11936
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50373a4c-fa87-4ca5-b0b7-67ee2f12abd1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7305
x-amzn-requestid: 15096102-8ffe-47df-bfc7-ff1a1fb9fd1e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YknUqFJmIAMF5Ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324ec1d-5c5ca26a24f39af979c17495;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 21:35:25 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5lUx834-NLHpKCxmdiAdNxCXqqNKGcDJlt9wmGR-XxdlroBfwVTrNg==
via: 1.1 e943d5f0cbb0d255d29da0ddf6639ba8.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:41:22 GMT
age: 46557
etag: "5ef30af418df5e44a0927361b679b8117c38c473"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F965c1f46-ea3e-498e-b9dd-07a252ce51c2.jpeg
34.120.237.76 200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F965c1f46-ea3e-498e-b9dd-07a252ce51c2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6656c96d31803728c2fcd707289bcd27
5139023bb709d865d26a9b2fac4b02260966c347
41c958a36909953f47208de41fb76081ce2c5bb80afec7c15b7c544b464880b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F965c1f46-ea3e-498e-b9dd-07a252ce51c2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6991
x-amzn-requestid: 799f17de-b856-4be7-abbf-0d444f605a94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXe-WE9toAMF41A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fab8e-6f2639d75967c1d2213d2d8b;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:58:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: EvWc_HiIQ23ll8soCl8tWfARIqe_B5HKpchZaGKSoZy576KLyjcfCw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:56:33 GMT
age: 45646
etag: "5139023bb709d865d26a9b2fac4b02260966c347"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e43d1ff-79bc-430f-826f-2af5ae602556.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e43d1ff-79bc-430f-826f-2af5ae602556.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d46a910081eb782408f1a2fa3c6aabba
28ac45ef155c66dd79a306f14d3b38f597b6a32e
d5787a6a12d275555c627e3245b37d4e751148345a09d5671b343cfebe7173b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e43d1ff-79bc-430f-826f-2af5ae602556.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: e1ca6cef-c033-4887-80cf-2014ab8e620c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ykn5cEnLIAMFrzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324ed09-3afc16cf66fef0e62dd6f3cc;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 21:39:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BaRpWB_XOMxTJPufnSjd4KSfecRwLe9U5W7uEoXy7pgAa4KSC0n7eg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 22:03:28 GMT
age: 45231
etag: "28ac45ef155c66dd79a306f14d3b38f597b6a32e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-content/themes/sonaar/classic-menu/css/classic.css?ver=4.24.1
192.124.249.35 200 OK 3.1 kB URL HTTP/2 michaelshapiromusic.com/wp-content/themes/sonaar/classic-menu/css/classic.css?ver=4.24.1
IP 192.124.249.35:0
File type ASCII text, with very long lines (28798)
Hash ef2d98df20cbaef38ecb5e4b183e3579
f7068c7f9ba75db5c8c8f5bd2798e2dba091b05e
88b34fa75eee89f945d2c99a39797bbd5ca90e2930c0e93b1a149ad42644b51d
GET /wp-content/themes/sonaar/classic-menu/css/classic.css?ver=4.24.1 HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:19 GMT
content-type: text/css
content-length: 3119
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 10 Sep 2022 09:57:59 GMT
etag: "8ec1520-707f-5e84fb28bc0b2-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: EXPIRED
accept-ranges: bytes
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.3.9
192.124.249.35 200 OK 12 kB URL HTTP/2 michaelshapiromusic.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.3.9
IP 192.124.249.35:0
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash 32c1807d8dc131823d042d769cf79bfb
0b1282287b467cd75d8a67e44b0d2742a1e7bd11
699f6983ecf21318c0cf41aa4a18568a3423953113992bbc272544c443cd0f34
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.3.9 HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:19 GMT
content-type: text/css
content-length: 12175
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 22 Feb 2022 19:50:11 GMT
etag: "8ec2feb-ebe1-5d8a0a830afb2-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: EXPIRED
accept-ranges: bytes
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
192.124.249.35 200 OK 2.4 kB URL HTTP/2 michaelshapiromusic.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
IP 192.124.249.35:0
File type ASCII text, with very long lines (11256), with no line terminators
Hash 1d6e4a77fd29a54c63cacf31066fe58e
270a454d2b87b294ddbdb6594d491c7dda637363
46879cca8816e1802c35e96fb5d7d28519994fd9ae41a7b94299057e3f8c7f79
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16 HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:19 GMT
content-type: text/css
content-length: 2397
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
etag: "8e00381-2bf8-5b075c75d5c80-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: EXPIRED
accept-ranges: bytes
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.2
192.124.249.35 200 OK 982 B URL HTTP/2 michaelshapiromusic.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.2
IP 192.124.249.35:0
File type ASCII text, with very long lines (4186), with no line terminators
Hash a43bf1705482324d06adb5d2b644a1a2
599069728988582dee8e5ec6a4a4b37c931adb96
78ae77841e94a99977ad8f5d7e7d6757ddf5b6e4da5b66ee6029ec39be4e2204
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.2 HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:19 GMT
content-type: text/css
content-length: 982
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
etag: "8e00388-105a-58ac1e7924f80-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: EXPIRED
accept-ranges: bytes
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-content/themes/sonaar/includes/sonaar-music/fontawesome/css/regular.min.css?ver=5.12.0
192.124.249.35 200 OK 287 B URL HTTP/2 michaelshapiromusic.com/wp-content/themes/sonaar/includes/sonaar-music/fontawesome/css/regular.min.css?ver=5.12.0
IP 192.124.249.35:0
File type ASCII text, with very long lines (490), with CRLF line terminators
Hash 80fc94f15e6f600fe4d0f3b01a2b24f4
ef0447af0ae61279f440e995756b16726e9b6db0
f50e62262340e348fc68f6bce5883d3b33a742dfb79c342259019686872265e3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/sonaar/includes/sonaar-music/fontawesome/css/regular.min.css?ver=5.12.0 HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:19 GMT
content-type: text/css
content-length: 287
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 10 Sep 2022 09:57:17 GMT
etag: "8ec1418-2a8-5e84fb0183abc-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: EXPIRED
accept-ranges: bytes
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-content/themes/sonaar/includes/sonaar-music/fontawesome/css/solid.min.css?ver=5.12.0
192.124.249.35 200 OK 290 B URL HTTP/2 michaelshapiromusic.com/wp-content/themes/sonaar/includes/sonaar-music/fontawesome/css/solid.min.css?ver=5.12.0
IP 192.124.249.35:0
File type ASCII text, with very long lines (482), with CRLF line terminators
Hash 11529a25d41c72908b9e452103175c19
1cf28b16d131d6de1066535cafa66a0b9da52d13
4f1c9afa8ce10909ca8c9ab0bca67af003266948c2c3c3ee34d689746294d479
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/sonaar/includes/sonaar-music/fontawesome/css/solid.min.css?ver=5.12.0 HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:19 GMT
content-type: text/css
content-length: 290
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 10 Sep 2022 09:57:18 GMT
etag: "8ec1419-2a0-5e84fb0186d84-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: EXPIRED
accept-ranges: bytes
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-content/themes/sonaar/includes/sonaar-music/fontawesome/css/brands.min.css?ver=5.12.0
192.124.249.35 200 OK 281 B URL HTTP/2 michaelshapiromusic.com/wp-content/themes/sonaar/includes/sonaar-music/fontawesome/css/brands.min.css?ver=5.12.0
IP 192.124.249.35:0
File type ASCII text, with very long lines (475), with CRLF line terminators
Hash fe63440d9aab20dbd528d3e5bf0bf465
3358e4949ebb21764fa92c4b72451e4e4a471593
74b70e24507490396fdc0bd6bca511c3c9c78f63f466a8e9a996030ae024032f
GET /wp-content/themes/sonaar/includes/sonaar-music/fontawesome/css/brands.min.css?ver=5.12.0 HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:19 GMT
content-type: text/css
content-length: 281
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 10 Sep 2022 09:57:18 GMT
etag: "8ec141c-299-5e84fb01ade85-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: EXPIRED
accept-ranges: bytes
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-content/plugins/themify-audio-dock/assets/styles.css?ver=2.0.2
192.124.249.35 200 OK 5.7 kB URL HTTP/2 michaelshapiromusic.com/wp-content/plugins/themify-audio-dock/assets/styles.css?ver=2.0.2
IP 192.124.249.35:0
File type ASCII text, with very long lines (4841), with CRLF line terminators
Hash da5ef1dbc9bdc7b84aa384eead39eb7b
822e77f9e22b378f0c41c836b082d661c2fe7da8
406c496a1d02645729faad0fd5e2048c4a128207f9d2b8eabd86bb30e4a52134
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/themify-audio-dock/assets/styles.css?ver=2.0.2 HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:19 GMT
content-type: text/css
content-length: 5745
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 22 Feb 2022 19:42:11 GMT
etag: "8ec0e11-4256-5d8a08b8e91c2-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: EXPIRED
accept-ranges: bytes
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-content/themes/sonaar/includes/sonaar-music/fontawesome/css/fontawesome.min.css?ver=5.12.0
192.124.249.35 200 OK 12 kB URL HTTP/2 michaelshapiromusic.com/wp-content/themes/sonaar/includes/sonaar-music/fontawesome/css/fontawesome.min.css?ver=5.12.0
IP 192.124.249.35:0
File type ASCII text, with very long lines (55567), with CRLF line terminators
Hash 4b67163878554472765cc8ef3d5da094
eae9a0a24c0eb14f0248b00ea9845f3b684d6c82
94020b41c263565eae9a3f95eb0fe61ae466cf3b27002326f289c6e21e5de14e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/sonaar/includes/sonaar-music/fontawesome/css/fontawesome.min.css?ver=5.12.0 HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:19 GMT
content-type: text/css
content-length: 11695
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 10 Sep 2022 09:57:18 GMT
etag: "8ec141e-d9cd-5e84fb01d1106-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: EXPIRED
accept-ranges: bytes
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-content/themes/sonaar/dist/css/main.min.css?ver=4.24.1
192.124.249.35 200 OK 47 kB URL HTTP/2 michaelshapiromusic.com/wp-content/themes/sonaar/dist/css/main.min.css?ver=4.24.1
IP 192.124.249.35:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65529), with no line terminators
Hash 90eb052c3ab72082f0ea72884b3d0164
6a2274a605bd467229227f1b6090e2a3886cd7c2
ffa07849266983523c54d9a7e10a685c070e82ffb2aa1571299897d13c2f5d9d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/sonaar/dist/css/main.min.css?ver=4.24.1 HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:19 GMT
content-type: text/css
content-length: 46918
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 10 Sep 2022 09:56:49 GMT
etag: "8de00f3-4c039-5e84fae5f1fda-br"
vary: Accept-Encoding
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: EXPIRED
accept-ranges: bytes
X-Firefox-Spdy: h2
michaelshapiromusic.com/?load=custom-style.css&ver=6.0.2
192.124.249.35 200 OK 6.1 kB URL HTTP/2 michaelshapiromusic.com/?load=custom-style.css&ver=6.0.2
IP 192.124.249.35:0
File type assembler source, ASCII text, with very long lines (385), with CRLF line terminators
Hash 3b150f774d0a6b9cb7912edad80aa14b
2f247d02aca261370f15e0723b61d42435463ed3
685454f153e5fdb05697104750b9d6e943501a0259f15f9538edc0417c8646e9
GET /?load=custom-style.css&ver=6.0.2 HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:20 GMT
content-type: text/css; charset: UTF-8; Last-modified: Saturday 17th of September 2022 10:37:20 AM;charset=UTF-8
content-length: 6113
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
vary: Accept-Encoding
content-encoding: br
x-sucuri-cache: EXPIRED
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4cc0aaf293fed6c16e1dde02c50c8f40
e94f11cd8fa955f28856a02aa7115aa5f3626d98
b1592dc8fc0d63052f66b7be9b5ff1f562f6fbd05f6365ce828758bfbb3f1a12
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 10:37:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4cc0aaf293fed6c16e1dde02c50c8f40
e94f11cd8fa955f28856a02aa7115aa5f3626d98
b1592dc8fc0d63052f66b7be9b5ff1f562f6fbd05f6365ce828758bfbb3f1a12
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 10:37:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4cc0aaf293fed6c16e1dde02c50c8f40
e94f11cd8fa955f28856a02aa7115aa5f3626d98
b1592dc8fc0d63052f66b7be9b5ff1f562f6fbd05f6365ce828758bfbb3f1a12
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 10:37:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4cc0aaf293fed6c16e1dde02c50c8f40
e94f11cd8fa955f28856a02aa7115aa5f3626d98
b1592dc8fc0d63052f66b7be9b5ff1f562f6fbd05f6365ce828758bfbb3f1a12
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 10:37:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4cc0aaf293fed6c16e1dde02c50c8f40
e94f11cd8fa955f28856a02aa7115aa5f3626d98
b1592dc8fc0d63052f66b7be9b5ff1f562f6fbd05f6365ce828758bfbb3f1a12
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 10:37:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Josefin+Sans:600
142.250.74.10 200 OK 895 B URL HTTP/2 fonts.googleapis.com/css?family=Josefin+Sans:600
IP 142.250.74.10:0
Hash 983094f003e21acf9bcd1b31b9538b1b
4d622d831747d02e34cfaeada36f6c606a57f02f
3cf43d85eb6f0eff11f9ad7a4661db8707a2a2fed7e2c5e9a87fd5ab0a531ff7
GET /css?family=Josefin+Sans:600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 17 Sep 2022 10:37:20 GMT
date: Sat, 17 Sep 2022 10:37:20 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:400,600
142.250.74.10 200 OK 994 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:400,600
IP 142.250.74.10:0
Hash 84b88b1a23464d834e25824a04945f59
ea401ebab93b57921a82f770ca97ba7e0c6a6e22
30d707e72c7b8028c7d0283af1edace2d7039bf573c7354ea224158ec70ef634
GET /css?family=Montserrat:400,600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 17 Sep 2022 10:37:20 GMT
date: Sat, 17 Sep 2022 10:37:20 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:600
142.250.74.10 200 OK 972 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:600
IP 142.250.74.10:0
Hash ce053905c8309c3f45afcdefa39b00bc
665bf1dbcdb392a0b63aaafc30b92b9df00de3d3
1c37b5f6b5a42fa6af9562fbe62464793a697fcbe87c1a17ee58c70f09d3a4e2
GET /css?family=Montserrat:600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 17 Sep 2022 10:37:20 GMT
date: Sat, 17 Sep 2022 10:37:20 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 8fb510c0e0fbff6302a68eb385520e3f
cd5149c6ffc7ee3d90e9e6884af8e02f44c7ab00
2b9cd0f540eb0916ad5c3ee63dbc8ee57570c3eaae7aeabca5c8cb03a3c73c32
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 10:37:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Karla:400,700
142.250.74.10 200 OK 31 kB URL HTTP/2 fonts.googleapis.com/css?family=Karla:400,700
IP 142.250.74.10:0
Hash 6cc163b7f40e325d01f5c0dd85797efc
4ebcc418a3fdabb530929e0f0e2988dba35524b3
9568ddcf06f8e4fc70dc787b2699985bf182b6d1581c8df9ff0a79503253f5a5
GET /css?family=Karla:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 17 Sep 2022 10:37:20 GMT
date: Sat, 17 Sep 2022 10:37:20 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:600,700
142.250.74.10 200 OK 22 kB URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:600,700
IP 142.250.74.10:0
Hash 63fa722c8451e4d9448dabea12fff443
c63fafcdf043bb61e281c17249ff3e00baa76242
cbdba067cdce7e6141ef065761dce315e8616318d9fc507763b9a12e21d694ba
GET /css?family=Montserrat:600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 17 Sep 2022 10:37:20 GMT
date: Sat, 17 Sep 2022 10:37:20 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 8fb510c0e0fbff6302a68eb385520e3f
cd5149c6ffc7ee3d90e9e6884af8e02f44c7ab00
2b9cd0f540eb0916ad5c3ee63dbc8ee57570c3eaae7aeabca5c8cb03a3c73c32
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 10:37:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
michaelshapiromusic.com/wp-content/themes/sonaar/includes/sonaar-music/fontawesome/webfonts/fa-solid-900.woff2
192.124.249.35 200 OK 76 kB URL HTTP/2 michaelshapiromusic.com/wp-content/themes/sonaar/includes/sonaar-music/fontawesome/webfonts/fa-solid-900.woff2
IP 192.124.249.35:0
File type Web Open Font Format (Version 2), TrueType, length 76084, version 330.-16253\012- data
Hash f6121be597a72928f54e7ab5b95512a1
b2c74520c3f506efbfefca867918e5ae28bd5222
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/sonaar/includes/sonaar-music/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://michaelshapiromusic.com/wp-content/themes/sonaar/includes/sonaar-music/fontawesome/css/solid.min.css?ver=5.12.0
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:20 GMT
content-type: font/woff2
content-length: 76084
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 10 Sep 2022 09:57:14 GMT
etag: "8ec1406-12934-5e84fafe9cfd0"
accept-ranges: bytes
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-includes/images/media/audio.png
192.124.249.35 200 OK 382 B URL HTTP/2 michaelshapiromusic.com/wp-includes/images/media/audio.png
IP 192.124.249.35:0
File type PNG image data, 48 x 64, 8-bit grayscale, non-interlaced\012- data
Hash 8674614341f1bec5feb22eb7e75adfc0
6e5b0bc0d190f5d0749c281c0c348a4ba67b9ea5
7263d0a183d50bef10e32252611423ff50582aa63f2c82e129742b2d71f3001d
GET /wp-includes/images/media/audio.png HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:20 GMT
content-type: image/png
content-length: 382
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 27 Mar 2014 22:41:14 GMT
etag: "8dc0302-17e-4f59e4854d680"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-content/uploads/2019/08/cropped-ShapiroinSilverSuitGuitar_BackgroundBlur-32x32.jpg
192.124.249.35 200 OK 1.0 kB URL HTTP/2 michaelshapiromusic.com/wp-content/uploads/2019/08/cropped-ShapiroinSilverSuitGuitar_BackgroundBlur-32x32.jpg
IP 192.124.249.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 32x32, components 3\012- data
Hash 0b78f4fe7935285a99a11d0e3f66ae4b
a2cbe7f714f86896a02e6fa46cf3fe3f72a078c2
ad3fae58d60b43d96abfcb3f007e19681458ded17b4ce5b1e19a00b64e090e32
GET /wp-content/uploads/2019/08/cropped-ShapiroinSilverSuitGuitar_BackgroundBlur-32x32.jpg HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:20 GMT
content-type: image/jpeg
content-length: 1047
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 02 Aug 2019 01:02:43 GMT
etag: "8de19d6-417-58f17ea6412c0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-content/uploads/2019/08/cropped-ShapiroinSilverSuitGuitar_BackgroundBlur-192x192.jpg
192.124.249.35 200 OK 4.1 kB URL HTTP/2 michaelshapiromusic.com/wp-content/uploads/2019/08/cropped-ShapiroinSilverSuitGuitar_BackgroundBlur-192x192.jpg
IP 192.124.249.35:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 82", baseline, precision 8, 192x192, components 3\012- data
Hash 98e7e1258c68ce3e216455a1594e1971
22b543c0967ad9d778c30751e6356ab55d1b55f6
5d693446d46d0302b90f8a691d82ff42c2d69e59a7d8f9b0544e179ef5727029
GET /wp-content/uploads/2019/08/cropped-ShapiroinSilverSuitGuitar_BackgroundBlur-192x192.jpg HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:20 GMT
content-type: image/jpeg
content-length: 4085
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 02 Aug 2019 01:02:43 GMT
etag: "8de1268-ff5-58f17ea6412c0"
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-content/themes/sonaar/includes/sonaar-music/fontawesome/webfonts/fa-brands-400.woff2
192.124.249.35 200 OK 76 kB URL HTTP/2 michaelshapiromusic.com/wp-content/themes/sonaar/includes/sonaar-music/fontawesome/webfonts/fa-brands-400.woff2
IP 192.124.249.35:0
File type Web Open Font Format (Version 2), TrueType, length 75936, version 330.-16253\012- data
Hash 822d94f19fe57477865209e1242a3c63
f356aa2e4d9b7245985d312d3bfba180f774e3b7
8e4560c16c7970efa47680450b2cf239d4a482c056d308acea12bb9022906c8b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/sonaar/includes/sonaar-music/fontawesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://michaelshapiromusic.com/wp-content/themes/sonaar/includes/sonaar-music/fontawesome/css/brands.min.css?ver=5.12.0
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:20 GMT
content-type: font/woff2
content-length: 75936
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 10 Sep 2022 09:57:16 GMT
etag: "8ec140f-128a0-5e84fb005b481"
accept-ranges: bytes
vary: Accept-Encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-content/uploads/2019/08/MICHAELSHAPIRO_TextLogo_black-75px.png
192.124.249.35 200 OK 5.8 kB URL HTTP/2 michaelshapiromusic.com/wp-content/uploads/2019/08/MICHAELSHAPIRO_TextLogo_black-75px.png
IP 192.124.249.35:0
File type PNG image data, 204 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash 61fa1335ae60b4833e72c0e2be86be84
24564d93628b30d1b945cd7d14b5c5a8eb8080aa
091642e0f44990b30df4bf208e55aeb300f3a4f6e80ba7d89cacd6046e4564fb
GET /wp-content/uploads/2019/08/MICHAELSHAPIRO_TextLogo_black-75px.png HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 10:37:21 GMT
content-type: image/png
content-length: 5804
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 01 Aug 2019 22:59:17 GMT
etag: "8de19d0-16ac-58f1630f57b40"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: REVALIDATED
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Spinnaker
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Spinnaker
IP 142.250.74.10:0
GET /css?family=Spinnaker HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 17 Sep 2022 10:37:20 GMT
date: Sat, 17 Sep 2022 10:37:20 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
michaelshapiromusic.com/wp-content/uploads/2018/08/01-Another-Day-Massy-Mix.mp3
192.124.249.35 206 Partial Content 0 B URL HTTP/2 michaelshapiromusic.com/wp-content/uploads/2018/08/01-Another-Day-Massy-Mix.mp3
IP 192.124.249.35:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2018/08/01-Another-Day-Massy-Mix.mp3 HTTP/1.1
Host: michaelshapiromusic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://michaelshapiromusic.com/postaubree/login/login.php
Cookie: PHPSESSID=a88ecf4e09b45451f37c85e50a99e7a4
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Sat, 17 Sep 2022 10:37:20 GMT
content-type: audio/mpeg
content-length: 13073456
x-sucuri-id: 19035
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 07 Aug 2019 06:27:42 GMT
etag: "8de0e43-c77c30-58f8109d41380"
accept-ranges: bytes
vary: Accept-Encoding
content-range: bytes 0-13073455/13073456
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/vue@2/dist/vue.min.js
151.101.85.229 200 OK 0 B URL HTTP/2 cdn.jsdelivr.net/npm/vue@2/dist/vue.min.js
IP 151.101.85.229:0
GET /npm/vue@2/dist/vue.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://michaelshapiromusic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.7.10
x-jsd-version-type: version
etag: W/"1a122-JpGjfc26sfHNt8HGLy/F6n5O+68"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 17 Sep 2022 10:37:19 GMT
age: 40846
x-served-by: cache-fra19136-FRA, cache-bma1649-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 38246
X-Firefox-Spdy: h2