r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10611
Expires: Thu, 01 Dec 2022 12:51:33 GMT
Date: Thu, 01 Dec 2022 09:54:42 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 768
Cache-Control: max-age=89365
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 09:54:42 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 10:44:07 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13588
Expires: Thu, 01 Dec 2022 13:41:10 GMT
Date: Thu, 01 Dec 2022 09:54:42 GMT
Connection: keep-alive
vibeswardrobe.com/
198.54.115.112 301 Moved Permanently 707 B IP 198.54.115.112:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 01 Dec 2022 09:54:42 GMT
server: LiteSpeed
location: https://vibeswardrobe.com/
x-turbo-charged-by: LiteSpeed
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 09:18:08 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2194
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: BJdUwHzetvR1e21sYxoy+rLsPjd62FjwA6074jCrHif2f/Z4xupMHixGPlwKC91M7EWbbh5/y6Y=
x-amz-request-id: G64T5JDXP1Q4YX0Z
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 09:46:13 GMT
age: 509
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 09:54:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 09:08:56 GMT
cache-control: public,max-age=3600
age: 2747
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 3434c51ff5da56634de15b532f641a2e
fccff67dbf6b339e92e2aebe89a85f0098f92a38
f1f183d9acdac69506c496e0c8811c2c66229664469eca290cb74a51674693c2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 09:54:43 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 07:34:34 GMT
Expires: Tue, 06 Dec 2022 07:34:33 GMT
Etag: "fccff67dbf6b339e92e2aebe89a85f0098f92a38"
Cache-Control: max-age=422989,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772af16c8be0b51e-OSL
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 782
Cache-Control: max-age=170708
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 09:54:43 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 09:19:51 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.89.114.252 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.114.252:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 86jQoV7fyBs/7MWvdReagQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: VIjFYUvvgaT2ViYy4Rc7CC8IUVA=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13075
Expires: Thu, 01 Dec 2022 13:32:39 GMT
Date: Thu, 01 Dec 2022 09:54:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13075
Expires: Thu, 01 Dec 2022 13:32:39 GMT
Date: Thu, 01 Dec 2022 09:54:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13075
Expires: Thu, 01 Dec 2022 13:32:39 GMT
Date: Thu, 01 Dec 2022 09:54:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
34.120.237.76 200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 9d34c42b-ba0c-498f-8f99-d4ab527ffa89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzMdHXNIAMFgaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbe9-376846f31dc9b995797cbd18;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:25 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DngCuOTO9fQAwWe_ip6EtBcgruigZN6Bl1_v5BHM2dsWlhqCXCL3gg==
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:33 GMT
age: 43751
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CJiSRzIK7-rQE81gaP2We0LhgKX1YmuJKEGYEqW34Bm1KMx6NB8yhQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 04:29:19 GMT
age: 19525
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e1e6b6ba4f82221b41c3d9129008c76d
2f9532d698b4c28df23e18bbb66399ec776d5b9f
218c6f41a16e6087c611d4db5784a7cc1d027084d0bf2bd6dc3843ee5dfd560f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9459
x-amzn-requestid: c08f55b2-7ac6-4dec-b53c-fd3f4533f9c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpBiGoHIAMFR2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bba3-69c2c2d05e55fd745caf1dce;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:09:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w_Mb-0pBwp-pUyU2bdJ8MhrGHkk6VQgJmcGV9MfHwj_yGUMIYZkyrg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 10:53:00 GMT
age: 82904
etag: "2f9532d698b4c28df23e18bbb66399ec776d5b9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26d6dffbf400da4803a2e76e2a8ef2f8
2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8740
x-amzn-requestid: 4823cf63-98eb-40d3-bb8b-e09cd2262f36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7SqHjYIAMF8xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c10-316b213c33ce9bc2355c0900;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tK4wl-g5kcUhVFE3iZGILhZhZSsaMzQD9JTBHj1JXV95yXs_e3gMGw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 13:21:34 GMT
age: 73990
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 820cf89fcab8380adff42982c9fb11ed
84241ddddbbfd7de30118307fb1a62800d0a4cb3
0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12898
x-amzn-requestid: 9b594c3c-6b8c-4589-8fcb-b3d7518b46f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cQZBNFxToAMF_9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63833ba1-767f510d72eef86d0cc892df;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 10:27:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gsn5uUFEzDZDOMPTvW9UQxtccvRfJKUM4eJ8U99jvUGzNIKkF9SzeA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:49:20 GMT
age: 43524
etag: "84241ddddbbfd7de30118307fb1a62800d0a4cb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash acffcb88ce68b2d70c9c046a7b5a4aa8
cd016e6c0bf5c6eef06e933c9a5257ff4fca9bc1
692d782ac1d812de6dadbcfe46034b6b5d8bbd586e56beedd96dc4d65445dd4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12035
x-amzn-requestid: eef7d417-c6ca-4e3f-ac00-1425f3d5c4a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb0TSGHDIAMF_jA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cdae-467c79a805dfb5622687f628;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:39:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: haFJ2LZecbT4HRbkvcaZxR4SAIx5cGxNyghKiDOJVX6xDkPwzc2wNQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:34 GMT
age: 43750
etag: "cd016e6c0bf5c6eef06e933c9a5257ff4fca9bc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 09:54:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 09:54:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Cabin%3A400%2C600%7CMontserrat%3A500&display=fallback&ver=3.7.7
142.250.74.106 200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Cabin%3A400%2C600%7CMontserrat%3A500&display=fallback&ver=3.7.7
IP 142.250.74.106:0
Hash 4df14a1dc7cc970f459636ad35364abc
30d97b1a2a4bd61ff2fbbef0b5beb354bf1a4b88
3152ca41cf5a3580867f63675f8846694e74caa8ad646980c769c3b1441ed8ad
GET /css?family=Cabin%3A400%2C600%7CMontserrat%3A500&display=fallback&ver=3.7.7 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vibeswardrobe.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Dec 2022 09:54:46 GMT
date: Thu, 01 Dec 2022 09:54:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.7.7
198.54.115.112 200 OK 8.7 kB URL HTTP/2 vibeswardrobe.com/wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.7.7
IP 198.54.115.112:0
File type ASCII text, with very long lines (45376)
Hash 6a0d698d000460c563beb5758aa51199
e1e1aa7349dc1e120291fe5cba6de81fb6f3b410
d4a4d38c1aa33a6a098aa167ba31ea74edf4c9d2fed934ab460bda4c2fdcc884
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/astra/assets/css/minified/frontend.min.css?ver=3.7.7 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:46 GMT
content-type: text/css
last-modified: Tue, 01 Mar 2022 16:47:14 GMT
etag: "b98e-621e4e12-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8681
date: Thu, 01 Dec 2022 09:54:46 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.9.0
198.54.115.112 200 OK 1.1 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.9.0
IP 198.54.115.112:0
File type ASCII text, with very long lines (4933), with no line terminators
Hash 8f2da34c6f082c7bec00f9cca661fd59
d0de5b6b29a9788a64826b833465a9d08f7c2ab7
d461fea6636b26aab698f636b2518709cb79416c7d3916d6b03497c4d75befdd
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.9.0 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:46 GMT
content-type: text/css
last-modified: Fri, 11 Mar 2022 04:22:20 GMT
etag: "1345-622ace7c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1109
date: Thu, 01 Dec 2022 09:54:46 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
198.54.115.112 200 OK 12 kB URL HTTP/2 vibeswardrobe.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 198.54.115.112:0
File type ASCII text, with very long lines (47826)
Hash c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:46 GMT
content-type: text/css
last-modified: Wed, 16 Nov 2022 03:50:43 GMT
etag: "172a9-63745e13-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Thu, 01 Dec 2022 09:54:46 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout.min.css?ver=3.7.7
198.54.115.112 200 OK 1.9 kB URL HTTP/2 vibeswardrobe.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout.min.css?ver=3.7.7
IP 198.54.115.112:0
File type ASCII text, with very long lines (17307), with no line terminators
Hash ee3d3d95d213fdc9e3759978bb38c30e
5baede86dc1b9f8132c771b088f99a862658e194
0f8ddccf97c4eb56295ad9842d7eaf323dff3d7e31674fda2c426efe5140a773
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-layout.min.css?ver=3.7.7 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:46 GMT
content-type: text/css
last-modified: Tue, 01 Mar 2022 16:47:14 GMT
etag: "439b-621e4e12-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1861
date: Thu, 01 Dec 2022 09:54:46 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/uploads/essential-addons-elementor/cb70d11b8.min.css?ver=1669888485
198.54.115.112 200 OK 11 kB URL HTTP/2 vibeswardrobe.com/wp-content/uploads/essential-addons-elementor/cb70d11b8.min.css?ver=1669888485
IP 198.54.115.112:0
File type Unicode text, UTF-8 text, with very long lines (45870)
Hash c5444c74d4d849bccc4e4e5a8511bf26
568a3811aedd0a4d85a0f8f982302a475560ba80
286a696ec7cd1fdb680d7b7c8c6c1d5255ba8eab0b2f9f939a4abc17fc71671d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/essential-addons-elementor/cb70d11b8.min.css?ver=1669888485 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:46 GMT
content-type: text/css
last-modified: Mon, 28 Nov 2022 02:45:48 GMT
etag: "1e01d-638420dc-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11326
date: Thu, 01 Dec 2022 09:54:46 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.9.0
198.54.115.112 200 OK 20 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.9.0
IP 198.54.115.112:0
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash ed83ae7f29bae4331b7078fabde9755c
7ad970c78ffa03ff4656c1f2fc5c3dc79b690196
e35c6b35b8c7369fcdd04704705011619dac05fc147917d401fc324b16707c02
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.9.0 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:46 GMT
content-type: text/css
last-modified: Fri, 11 Mar 2022 04:22:20 GMT
etag: "333a7-622ace7c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 20470
date: Thu, 01 Dec 2022 09:54:46 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce.min.css?ver=3.7.7
198.54.115.112 200 OK 14 kB URL HTTP/2 vibeswardrobe.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce.min.css?ver=3.7.7
IP 198.54.115.112:0
File type Unicode text, UTF-8 text, with very long lines (65524), with no line terminators
Hash 88dcadb14b48922c0c5888093256f6bc
838b54ac25d6882c95a81320597e3cf9aaaf9867
ab711c4bc2560b0cb754a6f85a79056176ca5f5eff2d972bcf01829f6a3067b4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce.min.css?ver=3.7.7 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:46 GMT
content-type: text/css
last-modified: Tue, 01 Mar 2022 16:47:14 GMT
etag: "199e0-621e4e12-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13801
date: Thu, 01 Dec 2022 09:54:46 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/woo-variation-swatches/assets/css/frontend.min.css?ver=1659729862
198.54.115.112 200 OK 4.1 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/woo-variation-swatches/assets/css/frontend.min.css?ver=1659729862
IP 198.54.115.112:0
File type ASCII text, with very long lines (34869)
Hash 84fe7c34d4461d4975f72b3a97300181
00b2164f51f29eabf3eddecffce66e8e6ee06d5f
7b1e54d2bbfcd75d299053753c8e10fc750076d0c0f3c37cdba8121e8cfe2f1f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woo-variation-swatches/assets/css/frontend.min.css?ver=1659729862 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:46 GMT
content-type: text/css
last-modified: Fri, 05 Aug 2022 20:04:22 GMT
etag: "8836-62ed77c6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4052
date: Thu, 01 Dec 2022 09:54:46 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
198.54.115.112 200 OK 3.6 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
IP 198.54.115.112:0
File type ASCII text, with very long lines (19082)
Hash c54194973223c8fb2d65ff2f82892361
5eb520a61c4848ce45e75ae155b9c1c06450dfce
fd060c3033814417ed00d38431de738a353b3af24b3774afb848c157827c13b1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:46 GMT
content-type: text/css
last-modified: Fri, 05 Aug 2022 20:03:14 GMT
etag: "4ab8-62ed7782-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3603
date: Thu, 01 Dec 2022 09:54:46 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.8
198.54.115.112 200 OK 13 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.8
IP 198.54.115.112:0
File type ASCII text, with very long lines (65497)
Hash 06b58d698bdfc97b09d8d0b3abec5194
f4162227a925d6affc5f43d72eab664a633ddc7d
2d12bfa0d75cf9187e096cf425f5bf2bcdb7d338ef210874a6ff812b9a836d99
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.8 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:46 GMT
content-type: text/css
last-modified: Fri, 05 Aug 2022 20:03:15 GMT
etag: "1a5d9-62ed7783-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12896
date: Thu, 01 Dec 2022 09:54:46 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/uploads/elementor/css/post-2905.css?ver=1669412526
198.54.115.112 200 OK 959 B URL HTTP/2 vibeswardrobe.com/wp-content/uploads/elementor/css/post-2905.css?ver=1669412526
IP 198.54.115.112:0
File type ASCII text, with very long lines (8793), with no line terminators
Hash 4723dadf7490555751ad8952b1638075
fc99977558e78ffd1ed03a4ea6ec5b6749039cc4
7036848768adebd47264289305452318c5ae2e6b1d4f1e58a8b858eb5d5007f6
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-2905.css?ver=1669412526 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:46 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 21:42:06 GMT
etag: "2259-638136ae-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 959
date: Thu, 01 Dec 2022 09:54:46 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/uploads/elementor/css/post-1128.css?ver=1669305420
198.54.115.112 200 OK 2.8 kB URL HTTP/2 vibeswardrobe.com/wp-content/uploads/elementor/css/post-1128.css?ver=1669305420
IP 198.54.115.112:0
File type ASCII text, with very long lines (18910)
Hash e739e844476a700d1f3d614bd8a9cb3c
767e9ca2df06515080a2a987ed2df0f9dec71bc6
0d26949c803c7c81b7622b8f76f36cf2d814f1da7a892afe99def399cd48c48e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-1128.css?ver=1669305420 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:46 GMT
content-type: text/css
last-modified: Thu, 24 Nov 2022 15:57:00 GMT
etag: "77a7-637f944c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2772
date: Thu, 01 Dec 2022 09:54:46 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
198.54.115.112 200 OK 4.0 kB URL HTTP/2 vibeswardrobe.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 198.54.115.112:0
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:46 GMT
content-type: application/x-javascript
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
etag: "2bd8-5fb577a6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Thu, 01 Dec 2022 09:54:46 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/uploads/elementor/css/post-1775.css?ver=1669412526
198.54.115.112 200 OK 543 B URL HTTP/2 vibeswardrobe.com/wp-content/uploads/elementor/css/post-1775.css?ver=1669412526
IP 198.54.115.112:0
File type ASCII text, with very long lines (3471), with no line terminators
Hash 2730181cfc6aeb74a07a1e58a818a201
913a55ac5a813c1db83553b170c5d57ecacf93d2
96e885746cea3e4cb0c70383865459f620fe6b15ec21c22d0851b2d168068d46
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-1775.css?ver=1669412526 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:46 GMT
content-type: text/css
last-modified: Fri, 25 Nov 2022 21:42:06 GMT
etag: "d8f-638136ae-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 543
date: Thu, 01 Dec 2022 09:54:46 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
198.54.115.112 200 OK 30 kB URL HTTP/2 vibeswardrobe.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 198.54.115.112:0
File type ASCII text, with very long lines (65447)
Hash 3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:46 GMT
content-type: application/x-javascript
last-modified: Wed, 02 Nov 2022 03:42:17 GMT
etag: "15e54-6361e719-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Thu, 01 Dec 2022 09:54:46 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/uploads/elementor/css/post-438.css?ver=1659730028
198.54.115.112 200 OK 365 B URL HTTP/2 vibeswardrobe.com/wp-content/uploads/elementor/css/post-438.css?ver=1659730028
IP 198.54.115.112:0
File type ASCII text, with very long lines (1368), with no line terminators
Hash 4bebcbb8ada8987911999ced7b397f48
c858c7d3625692134c800930755df92c9c8faa85
24785e7587c6b0046d980e672dffbae6623a20b0b9ae0d4b3e7b6447d5ff889c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-438.css?ver=1659730028 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:46 GMT
content-type: text/css
last-modified: Fri, 05 Aug 2022 20:07:08 GMT
etag: "558-62ed786c-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 365
date: Thu, 01 Dec 2022 09:54:46 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
198.54.115.112 200 OK 286 B URL HTTP/2 vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 198.54.115.112:0
File type ASCII text, with very long lines (483)
Hash 8828fa3c5bdcfa66615714a2b8c9d807
4f556d0b005ac7754af607418df445f8cf98e8b1
16950dcce60bc3ee2613b60439c99e7ed74d10245f59fe6f68346b7e72dd95e7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:46 GMT
content-type: text/css
last-modified: Fri, 05 Aug 2022 20:03:14 GMT
etag: "29d-62ed7782-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 286
date: Thu, 01 Dec 2022 09:54:46 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
198.54.115.112 200 OK 284 B URL HTTP/2 vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
IP 198.54.115.112:0
File type ASCII text, with very long lines (489)
Hash dc279c928e2924b07a4a7575f8070ee8
0196756cacdb61ef40483af7ea982b699b0933de
80b6d9e3f0304f4199350c6015fd96084646c2a0121332bcb5a46d3956b7df5c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:46 GMT
content-type: text/css
last-modified: Fri, 05 Aug 2022 20:03:14 GMT
etag: "2a3-62ed7782-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 284
date: Thu, 01 Dec 2022 09:54:46 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
198.54.115.112 200 OK 12 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 198.54.115.112:0
File type ASCII text, with very long lines (57726)
Hash f463afd8661ddc733305df1f0cbdaff2
77262f0209e75e340eb7014aba9cd8d69966032f
c4b6541be58a0ca61549cd4562850315077880c459c019f01e835cf2d7b764de
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:46 GMT
content-type: text/css
last-modified: Fri, 05 Aug 2022 20:03:14 GMT
etag: "e238-62ed7782-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12133
date: Thu, 01 Dec 2022 09:54:46 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
198.54.115.112 200 OK 4.6 kB URL HTTP/2 vibeswardrobe.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 198.54.115.112:0
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:46 GMT
content-type: application/x-javascript
last-modified: Wed, 25 May 2022 03:57:08 GMT
etag: "48b9-628da914-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Thu, 01 Dec 2022 09:54:46 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.2.2
198.54.115.112 200 OK 22 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.2.2
IP 198.54.115.112:0
File type ASCII text, with very long lines (65493)
Hash 994b19694644494ab53778f6a8d77bf1
6caaa214627a589d27b729f2e1bb8fbc24850470
55edb78d9d0f81ad158ec41997ae0b2cb4d2f56e2e60ae83eb79dda2da5e852c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.2.2 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:46 GMT
content-type: text/css
last-modified: Sun, 09 May 2021 07:33:38 GMT
etag: "337c2-60979052-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 21735
date: Thu, 01 Dec 2022 09:54:46 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/uploads/elementor/thumbs/Vibes-wardrobe-ruffles-2-scaled-pm7oegxjzsn0dwma1ayyc2iqtloc0rwbd3dixn1mrq.jpg
198.54.115.112 200 OK 5.0 kB URL HTTP/2 vibeswardrobe.com/wp-content/uploads/elementor/thumbs/Vibes-wardrobe-ruffles-2-scaled-pm7oegxjzsn0dwma1ayyc2iqtloc0rwbd3dixn1mrq.jpg
IP 198.54.115.112:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 155x199, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 14b41a7a63f012055d6a51b0d81721c8
afefa364b83df60cc59f7c86a620d18b8fb25d27
2f1b083ee3f59781168bc64ce5fc8fa277fea915fc8743b299268c12441f5009
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/thumbs/Vibes-wardrobe-ruffles-2-scaled-pm7oegxjzsn0dwma1ayyc2iqtloc0rwbd3dixn1mrq.jpg HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: image/webp
last-modified: Sun, 07 Aug 2022 06:45:16 GMT
etag: "1370-62ef5f7c-0;;;"
accept-ranges: bytes
content-length: 4976
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
vary: Accept
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/uploads/elementor/thumbs/RUFFLES-3-scaled-pm5w1hpezwu5tm4xuawpdbq9wcwugkdukhqs39071c.jpg
198.54.115.112 200 OK 2.5 kB URL HTTP/2 vibeswardrobe.com/wp-content/uploads/elementor/thumbs/RUFFLES-3-scaled-pm5w1hpezwu5tm4xuawpdbq9wcwugkdukhqs39071c.jpg
IP 198.54.115.112:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 108x144, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ec25e5ae6099b810e6480d62acdd0eac
6586d2b57f207cd38ed9972be17f6fdf52c5d8d8
f078fdbf97e6d76dd70b44d1e1667c4ef25a1362570a7acd5855cba876321732
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/thumbs/RUFFLES-3-scaled-pm5w1hpezwu5tm4xuawpdbq9wcwugkdukhqs39071c.jpg HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: image/webp
last-modified: Sun, 07 Aug 2022 00:47:31 GMT
etag: "9aa-62ef0ba3-0;;;"
accept-ranges: bytes
content-length: 2474
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
vary: Accept
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/uploads/elementor/thumbs/Vibes-wardrobe-ruffles-scaled-pm7o1fw2ourrd3ise74gzxk3oh1dgewknzfz7gwzog.jpg
198.54.115.112 200 OK 2.6 kB URL HTTP/2 vibeswardrobe.com/wp-content/uploads/elementor/thumbs/Vibes-wardrobe-ruffles-scaled-pm7o1fw2ourrd3ise74gzxk3oh1dgewknzfz7gwzog.jpg
IP 198.54.115.112:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 108x144, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1750ef7888f1ace0e04065fc8a75ec87
cad060fde51ab69fb27b82f16a595540dc2c4d09
368634e4abfac5b27554bb2f6285ca782bdb59a10800847e82ea5c2299293605
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/thumbs/Vibes-wardrobe-ruffles-scaled-pm7o1fw2ourrd3ise74gzxk3oh1dgewknzfz7gwzog.jpg HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: image/webp
last-modified: Sun, 07 Aug 2022 00:47:28 GMT
etag: "9f8-62ef0ba0-0;;;"
accept-ranges: bytes
content-length: 2552
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
vary: Accept
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=5.1.9
198.54.115.112 200 OK 12 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=5.1.9
IP 198.54.115.112:0
File type ASCII text, with very long lines (59158)
Hash 178f113615fea1b059cb42a9fcc9bb3d
a309d33fbab460ecc17467c18f99825c03ce039c
9fc6c8540b2078cfcec74cbd21ef6cedf7e2a4ec99d46a4868111eb601572859
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=5.1.9 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: text/css
last-modified: Fri, 05 Aug 2022 20:03:14 GMT
etag: "e7d0-62ed7782-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12380
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=5.1.9
198.54.115.112 200 OK 4.0 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=5.1.9
IP 198.54.115.112:0
File type ASCII text, with very long lines (26516)
Hash 32699c444a181cd316ee6cb56688144a
1366537c3db165e86947a2e963407283a1ea5b58
6b6910bbb4dacf40ae040c445dd7dd1871097c97a1520b6d5f528d7d88c072a4
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=5.1.9 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: text/css
last-modified: Fri, 05 Aug 2022 20:03:14 GMT
etag: "684e-62ed7782-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3987
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.6.8
198.54.115.112 200 OK 2.4 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.6.8
IP 198.54.115.112:0
File type ASCII text, with very long lines (10019)
Hash d2db71c82a8f672aea59a3e050cd8cd7
af626566f94b3164e4310288cfb142431e8349a6
bcd2c9c2ba22a48a8fabf9fbe5e947deb6404367e4be24f48326e302aead1180
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.6.8 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: text/css
last-modified: Fri, 05 Aug 2022 20:03:14 GMT
etag: "4824-62ed7782-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2442
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=6.3.1
198.54.115.112 200 OK 857 B URL HTTP/2 vibeswardrobe.com/wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=6.3.1
IP 198.54.115.112:0
File type ASCII text, with very long lines (3287), with no line terminators
Hash f91b0cde1c3ae9c4865dbe50b94b7e96
26c7baee70eca5d442f5f30a7c0ccd0a6187c105
224aecccc666e90a5607c1ee584952f275cae6c6f8cad50f9d9834d7499c4bd9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=6.3.1 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: text/css
last-modified: Fri, 11 Mar 2022 04:22:21 GMT
etag: "cd7-622ace7d-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 857
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/woocommerce/assets/css/photoswipe/default-skin/default-skin.min.css?ver=6.3.1
198.54.115.112 200 OK 1.7 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/woocommerce/assets/css/photoswipe/default-skin/default-skin.min.css?ver=6.3.1
IP 198.54.115.112:0
File type ASCII text, with very long lines (7887), with no line terminators
Hash 494afef7fdbd631433fe8b40049c9733
e927f43e6ee2f70854247363612dab1107c514ad
54b56f475540254274fa193380ab680e39913768d9a227660bd571bba3456b7f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/photoswipe/default-skin/default-skin.min.css?ver=6.3.1 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: text/css
last-modified: Fri, 11 Mar 2022 04:22:21 GMT
etag: "1ecf-622ace7d-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1728
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/themes/astra/assets/js/minified/mobile-cart.min.js?ver=3.7.7
198.54.115.112 200 OK 684 B URL HTTP/2 vibeswardrobe.com/wp-content/themes/astra/assets/js/minified/mobile-cart.min.js?ver=3.7.7
IP 198.54.115.112:0
File type ASCII text, with very long lines (2677), with no line terminators
Hash ac26933c3b2a9186f80ec02ebb1884fa
19275bb31e804b33dd924d353afcf88c5a13e27d
dafd24917b3955ba0f9408870d42b512dcbb8df77f72ed04a1eff25805d8ef4c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/astra/assets/js/minified/mobile-cart.min.js?ver=3.7.7 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/x-javascript
last-modified: Tue, 01 Mar 2022 16:47:14 GMT
etag: "a75-621e4e12-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 684
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CArya%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CBentham%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDomine%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
142.250.74.106 200 OK 6.0 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CArya%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CBentham%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDomine%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP 142.250.74.106:0
Hash 5ccf9794b97b845c0088a8c039ded14d
4f36c58451921d16b70abc8d94286bb478dedd69
264036aebe35425d7ef5ebdcdeed7987fc5ba68038e0d415bed44d8dd6f5a1ae
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CArya%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CBentham%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CDomine%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vibeswardrobe.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Dec 2022 09:54:46 GMT
date: Thu, 01 Dec 2022 09:54:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.3.1
198.54.115.112 200 OK 677 B URL HTTP/2 vibeswardrobe.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.3.1
IP 198.54.115.112:0
File type ASCII text, with very long lines (2139), with no line terminators
Hash a43fc0dde8fdd69656ad0957e62849c7
4b07cf702ac8a770c8cbffc22b9a788b6e5389ba
1ce3d0493424870c81deec0ec41de0592d2af9f91cd8081cd40a1d7ea89b614f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.3.1 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/x-javascript
last-modified: Fri, 11 Mar 2022 04:22:21 GMT
etag: "85b-622ace7d-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 677
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-includes/js/wp-util.min.js?ver=6.1.1
198.54.115.112 200 OK 690 B URL HTTP/2 vibeswardrobe.com/wp-includes/js/wp-util.min.js?ver=6.1.1
IP 198.54.115.112:0
File type ASCII text, with very long lines (1391)
Hash ebe552e54e3815c6867913d252ff2a79
4982bd9ba944833e821be18419ad8408290f5d75
8b0aedc73b1d41ab59c0ad42553259c90458cfb72b149946a3bae3298c012e40
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-util.min.js?ver=6.1.1 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/x-javascript
last-modified: Wed, 02 Nov 2022 03:42:17 GMT
etag: "592-6361e719-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 690
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.3.1
198.54.115.112 200 OK 934 B URL HTTP/2 vibeswardrobe.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.3.1
IP 198.54.115.112:0
File type ASCII text, with very long lines (2938), with no line terminators
Hash cf25dd071a208312bdc07f34d2cee027
76119563119eaae392ecc8903c989d98d0b93002
8635ba2cad8f887e72779bd526f8738ff6343c74cba715caf2eddea383ba7ce6
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.3.1 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/x-javascript
last-modified: Fri, 11 Mar 2022 04:22:21 GMT
etag: "b7a-622ace7d-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 934
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.3.1
198.54.115.112 200 OK 3.2 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.3.1
IP 198.54.115.112:0
File type ASCII text, with very long lines (9139)
Hash 2289a47b9cb9b09edb011970c0c2d4f5
1845b95796da67d0024f04f8aa419e065b3bf0de
c58f03d19efbce8043e675d39f3f7e30f6f999a9e1f7ae46b01058d31451a233
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.3.1 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/x-javascript
last-modified: Fri, 11 Mar 2022 04:22:21 GMT
etag: "253d-622ace7d-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3245
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.3.1
198.54.115.112 200 OK 970 B URL HTTP/2 vibeswardrobe.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.3.1
IP 198.54.115.112:0
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 155d874ef60217f790dedec58e83d832
42a2698adec25b2000046cf7e3818e6478951fc3
c6801f4d5dcdd86ba3e33dc35a8765c03fd55e9f621443dd0fb7cd8c8e6707da
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.3.1 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/x-javascript
last-modified: Fri, 11 Mar 2022 04:22:21 GMT
etag: "bdd-622ace7d-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 970
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.8
198.54.115.112 200 OK 2.0 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.8
IP 198.54.115.112:0
File type ASCII text, with very long lines (4918)
Hash 1351c292432d15644c412893df432b58
42aa483635a40136dea78fe93406be8fcd0ff737
3b92e5b2b66dbc7b2f96f42b338475ab47777c9cad6db58710f00db5dfda4f38
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.8 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/x-javascript
last-modified: Fri, 05 Aug 2022 20:03:15 GMT
etag: "135d-62ed7783-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2044
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.2.2
198.54.115.112 200 OK 2.3 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.2.2
IP 198.54.115.112:0
File type ASCII text, with very long lines (5493)
Hash 87658612d482180c9a8fe9b9394ba541
3fb7c392bf00449bbd9ed95046a78f4676676385
1a3ddf89c53eeffa82d420f8eda88c1258b7c38ecdd2fe5e0022b95e09139ebb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.2.2 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/x-javascript
last-modified: Sun, 09 May 2021 07:33:38 GMT
etag: "15a0-60979052-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2265
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.2.2
198.54.115.112 200 OK 1.8 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.2.2
IP 198.54.115.112:0
File type ASCII text, with very long lines (6595), with no line terminators
Hash bc7ad49bba8c6fece75cf20e318bde6d
329866570ac3995fb33f1f6b55e6ea3d3c85d25b
479c4099528678e6689805bc618a02c300d62a0f5b41800672c57fb1a458a50e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.2.2 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/x-javascript
last-modified: Sun, 09 May 2021 07:33:38 GMT
etag: "19c3-60979052-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1767
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1
198.54.115.112 200 OK 899 B URL HTTP/2 vibeswardrobe.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1
IP 198.54.115.112:0
File type ASCII text, with very long lines (1668)
Hash 22d65ba38528349e705d912ce26bf8ac
c89ba006009043d93b88ff155b4fec8797330550
6253bcb85e4267ad3ba843145534e729ee2c1d7e85e5b4ab5b2e074ae636bca3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/x-javascript
last-modified: Fri, 11 Mar 2022 04:22:21 GMT
etag: "72a-622ace7d-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 899
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/woo-variation-swatches/assets/js/frontend.min.js?ver=1659729862
198.54.115.112 200 OK 3.5 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/woo-variation-swatches/assets/js/frontend.min.js?ver=1659729862
IP 198.54.115.112:0
File type ASCII text, with very long lines (12750), with no line terminators
Hash cd766341e45b62b9b5091d8d5d751471
a2b14f387406f1f538fbfaa63c51462e57e8717a
9c0803ab7e690bec83ed0a19629cddc50c95b003ea1a7a7c3b5f06d984085e45
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woo-variation-swatches/assets/js/frontend.min.js?ver=1659729862 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/x-javascript
last-modified: Fri, 05 Aug 2022 20:04:22 GMT
etag: "31ce-62ed77c6-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3472
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
198.54.115.112 200 OK 2.9 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 198.54.115.112:0
File type ASCII text, with very long lines (12198), with no line terminators
Hash 869caa171b68cbec9fee5abbfb944ee8
f237e485e41f88b77384cfdb880f9d5a8f46eac8
25c2896e2790fb0e52f6b6ba1ce97bd87eb40463b4bb65ba16ad434c1d7a36dc
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/x-javascript
last-modified: Fri, 05 Aug 2022 20:03:14 GMT
etag: "2fa6-62ed7782-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2867
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.2.2
198.54.115.112 200 OK 16 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.2.2
IP 198.54.115.112:0
File type Unicode text, UTF-8 text, with very long lines (57080)
Hash 81bde98c3047b9d869a7b0140340335b
7bc75aef778a0d5a7e4e62e91bb67795d5ae8b6e
4e820eeeecfe470e9504595ebe8954486004ef48a1101c5687c2b8334066133d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.2.2 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/x-javascript
last-modified: Sun, 09 May 2021 07:33:38 GMT
etag: "df25-60979052-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15489
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=5.1.9
198.54.115.112 200 OK 4.0 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=5.1.9
IP 198.54.115.112:0
File type ASCII text, with very long lines (14869)
Hash 564f097cf1c91789ede5935f27f4f879
7d08e220324006fe221bbc176df2051be8fc1f31
2de1ed7e80ab790199f4b3785fd3ac2494e039a96e55c67e76ea88244dfc93e4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=5.1.9 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/x-javascript
last-modified: Fri, 05 Aug 2022 20:03:14 GMT
etag: "3acf-62ed7782-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4035
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/uploads/essential-addons-elementor/cb70d11b8.min.js?ver=1669888485
198.54.115.112 200 OK 17 kB URL HTTP/2 vibeswardrobe.com/wp-content/uploads/essential-addons-elementor/cb70d11b8.min.js?ver=1669888485
IP 198.54.115.112:0
File type ASCII text, with very long lines (62909), with CRLF line terminators
Hash 271560b0748716abfe579eb724a45032
004b1b515fa0e591a11f13e1cb22635384fe5ff4
c9003e5d8ed5f6631fa4b0dc0494cef2cfa62a6d3e3588894d7eabb6285fcf85
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/essential-addons-elementor/cb70d11b8.min.js?ver=1669888485 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/x-javascript
last-modified: Mon, 28 Nov 2022 02:45:48 GMT
etag: "f5fa-638420dc-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 16600
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-includes/js/underscore.min.js?ver=1.13.4
198.54.115.112 200 OK 7.2 kB URL HTTP/2 vibeswardrobe.com/wp-includes/js/underscore.min.js?ver=1.13.4
IP 198.54.115.112:0
File type ASCII text, with very long lines (18798)
Hash f4bb18d2e152ba945cb63980362f40e9
925f93a6c4ee411e97d8dc3186f9d66c4b5169ab
16ab496a6c74f5f272f7a5c31e9cb69c753fea994396ef6deacf641180ad317b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/x-javascript
last-modified: Wed, 02 Nov 2022 03:42:17 GMT
etag: "4991-6361e719-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7179
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
198.54.115.112 200 OK 6.9 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
IP 198.54.115.112:0
File type ASCII text, with very long lines (25115)
Hash e8d8c6e4997a420abc51e5fa8c1caa8b
39ae930f057de725cff8549eed82f31f8d0816c1
730b8265b47a7f9bf014b64fb5c27f9f1cff1051dbf53e60ceb3cc16def732cc
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/x-javascript
last-modified: Sun, 09 May 2021 07:33:38 GMT
etag: "6272-60979052-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6935
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 09:54:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
216.58.207.227 200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 26100, version 1.0\012- data
Hash 312bcfa92b0b0a09c3f404b2c662a0b6
5398ff9ee3c10bffc54e3a9f7e5e7506a822b38a
979caf94add5b00ec59d8abde43d200523745c2f4b105c2906f4d9dda4afaeec
GET /s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vibeswardrobe.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26100
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 23:53:10 GMT
expires: Sat, 25 Nov 2023 23:53:10 GMT
cache-control: public, max-age=31536000
age: 468097
last-modified: Fri, 24 Jun 2022 18:41:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2
216.58.207.227 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 12820, version 1.0\012- data
Hash 3f2f6d9e64a95a40ea5dedfc91f42a95
9cd9f5a2f86f1d42390141d91619a0aa41a276b7
ed121b1a8fbf30998a4ed0a7c8343abe9091ac4744f1c24b602b5d3f962bdb78
GET /s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vibeswardrobe.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 03:16:27 GMT
expires: Sat, 25 Nov 2023 03:16:27 GMT
cache-control: public, max-age=31536000
age: 542300
last-modified: Mon, 11 Jul 2022 18:56:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvp9nsBXw.woff2
216.58.207.227 200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvp9nsBXw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 13808, version 1.0\012- data
Hash b9cf0889911ac57ee24c7c6886e50070
13c5cea6cedf0ccb68abf357fabe33d5f5477d5f
4190f73db7190e7ec4fc39666881acd3920fa73ab44c12bf7e8a6e5a76191e44
GET /s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvp9nsBXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vibeswardrobe.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13808
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 18:37:34 GMT
expires: Wed, 29 Nov 2023 18:37:34 GMT
cache-control: public, max-age=31536000
age: 141433
last-modified: Fri, 24 Jun 2022 18:41:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
216.58.207.227 200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vibeswardrobe.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 12:29:21 GMT
expires: Fri, 24 Nov 2023 12:29:21 GMT
cache-control: public, max-age=31536000
age: 595526
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/domine/v19/L0x8DFMnlVwD4h3hu_qn.woff2
216.58.207.227 200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/domine/v19/L0x8DFMnlVwD4h3hu_qn.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 27624, version 1.0\012- data
Hash 1f72af2c5d07489f5ac244943db9d7eb
49aa6096e9b9b9d4949a79794a72cb31b744d0de
02fbcf6cd136ae3bfc98aecbbc0f0b1f348c05d96390d63a89cdc323a6dda70c
GET /s/domine/v19/L0x8DFMnlVwD4h3hu_qn.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vibeswardrobe.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27624
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 15:06:06 GMT
expires: Wed, 29 Nov 2023 15:06:06 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 19:06:59 GMT
content-type: font/woff2
age: 154121
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
216.58.207.227 200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vibeswardrobe.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 51957
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.227 200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vibeswardrobe.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 51957
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
216.58.207.227 200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://vibeswardrobe.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 51957
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.8
198.54.115.112 200 OK 10 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.8
IP 198.54.115.112:0
File type Unicode text, UTF-8 text, with very long lines (32569)
Hash 85a0689ff7e03948cb3d2f8b09cbab11
52beed2272279ba014a0d871d976e76dc1e184b3
e41c2e1ca09c832e901634d8ef9b7efd75f2460664613342126e98cabb5dc9a7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.8 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/x-javascript
last-modified: Fri, 05 Aug 2022 20:03:14 GMT
etag: "7f61-62ed7782-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10380
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
198.54.115.112 200 OK 6.8 kB URL HTTP/2 vibeswardrobe.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 198.54.115.112:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 3d0ff0f6731d9cef860af9a5a0e3ce62
13aed444304d782039e261475c8b4450b83e743e
e8d05db77732c71843ced6f386ea82eb32243ac36e7ca3e071cb7f53e2ffbce5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/x-javascript
last-modified: Wed, 02 Nov 2022 03:42:17 GMT
etag: "53c0-6361e719-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6800
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.8
198.54.115.112 200 OK 12 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.8
IP 198.54.115.112:0
File type ASCII text, with very long lines (40438)
Hash e6ffbbcc6ba757c437c93c5178d5ac48
3dceb3c5f095ff6d5b7547a3d6cfb3900bad4bbf
e9f427cf1dd5baec321a43ac7fca0dea64ee301b6a734a35f41959ec81426d19
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.8 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/x-javascript
last-modified: Fri, 05 Aug 2022 20:03:14 GMT
etag: "9e1d-62ed7782-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11709
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21-wc.6.3.1
198.54.115.112 200 OK 1.0 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21-wc.6.3.1
IP 198.54.115.112:0
File type ASCII text, with very long lines (2600)
Hash 58ae168dadba117e645a850bb22c9e48
b397d052c90ecf4b48209a86ecf72bbe90a0d87f
8adec06492eb0bb02580aef8f86d4a420997a8d56393d526785498e266d1af06
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21-wc.6.3.1 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/x-javascript
last-modified: Fri, 11 Mar 2022 04:22:21 GMT
etag: "a6a-622ace7d-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1041
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.2.1
198.54.115.112 200 OK 339 B URL HTTP/2 vibeswardrobe.com/wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.2.1
IP 198.54.115.112:0
File type ASCII text, with very long lines (754), with no line terminators
Hash f4cea5c82bb62f34a31f39a322513366
bab5dfb3f8d04b76f83ca994798534e697b85290
5b00e0c1288d5d1f1df303a55bd0ff67d9acf5b734bc0093a651727c48a077ff
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/wpforms-lite/assets/js/integrations/elementor/frontend.min.js?ver=1.7.2.1 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/x-javascript
last-modified: Tue, 01 Mar 2022 15:14:40 GMT
etag: "2f2-621e3860-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 339
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=6.3.1
198.54.115.112 200 OK 3.4 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=6.3.1
IP 198.54.115.112:0
File type ASCII text, with very long lines (13590), with no line terminators
Hash 82352cd449ef5c2c92f7eae92a6841b5
ca4642f38f955ef0f42c1e6867b3cea7b26e552e
7d2428449304c3235523698b87acf2c2ebed5304f3cfd7a073abe62e9456d31a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=6.3.1 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/x-javascript
last-modified: Fri, 11 Mar 2022 04:22:21 GMT
etag: "3516-622ace7d-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3419
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min.js?ver=4.1.1-wc.6.3.1
198.54.115.112 200 OK 3.4 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min.js?ver=4.1.1-wc.6.3.1
IP 198.54.115.112:0
File type HTML document, ASCII text, with very long lines (9566)
Hash f9cdceefe66772e230b2d0ea9e99a28f
eada0327833145519f77758d3dd50911293369ed
0fa79d5a36f3384d3103405632303ad5a3ed7b119613ce342701714dff95a9ec
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min.js?ver=4.1.1-wc.6.3.1 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/x-javascript
last-modified: Fri, 11 Mar 2022 04:22:21 GMT
etag: "25cd-622ace7d-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3431
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.2.2
198.54.115.112 200 OK 12 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.2.2
IP 198.54.115.112:0
File type ASCII text, with very long lines (51169)
Hash b7b99a46d14d10cf6f2b79f82b1a503a
7d0fde38bc0c4f5b293ba79191594084bdb47636
e3b61fdb0a215e660253fbf927fb7b35579e916dc7446193a83b452c6c9616e4
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.2.2 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/x-javascript
last-modified: Sun, 09 May 2021 07:33:38 GMT
etag: "c80c-60979052-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12176
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1-wc.6.3.1
198.54.115.112 200 OK 12 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1-wc.6.3.1
IP 198.54.115.112:0
File type ASCII text, with very long lines (31256)
Hash 11ff6248c4f418448f3938f9ec64b7e4
1de818c6e12686a7f078e00ec25525392cfe6f7a
e8b092d49e81129999e7a2400baec3a097c3c598af6ba5fc3047914ce4eede7b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1-wc.6.3.1 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/x-javascript
last-modified: Fri, 11 Mar 2022 04:22:21 GMT
etag: "7a7d-622ace7d-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11611
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2-wc.6.3.1
198.54.115.112 200 OK 6.3 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2-wc.6.3.1
IP 198.54.115.112:0
File type ASCII text, with very long lines (22772), with no line terminators
Hash 57c549d7a9f0a5ea6910c21428d3ce51
9ea15a9993ec0db95930e0090c83b7f2b88b5df3
fdef8725eaa6f4e950c3170c6104d63892e34e42d8dcc00dfce6a73e6dda446a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2-wc.6.3.1 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/x-javascript
last-modified: Fri, 11 Mar 2022 04:22:21 GMT
etag: "58f4-622ace7d-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6276
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=6.3.1
198.54.115.112 200 OK 1.7 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=6.3.1
IP 198.54.115.112:0
File type Unicode text, UTF-8 text, with very long lines (6357), with no line terminators
Hash 70cc8e74d2d4626148acba55a4608dbd
d57045f3e31a245e6ebf818adf17886a83c1043c
764428782a932f7646daef46e5dbbb5062ba578de2bf7e2050ccaa12df789138
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=6.3.1 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/x-javascript
last-modified: Fri, 11 Mar 2022 04:22:21 GMT
etag: "18d8-622ace7d-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1712
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen.min.css?ver=3.7.7
198.54.115.112 200 OK 820 B URL HTTP/2 vibeswardrobe.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen.min.css?ver=3.7.7
IP 198.54.115.112:0
File type ASCII text, with very long lines (5985), with no line terminators
Hash 3a408d8991f7ecad01d07ed951df7d39
75922587c1255452e85daec21697daf4e0073184
e83bcd35725b609cd59fad0580ff24e360d15d70e9c480830e937c1ef23d430c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce-smallscreen.min.css?ver=3.7.7 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: text/css
last-modified: Tue, 01 Mar 2022 16:47:14 GMT
etag: "1761-621e4e12-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 820
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
198.54.115.112 200 OK 78 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 198.54.115.112:0
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=5.1.9
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/font-woff2
etag: "13174-62ed7782-0;;;"
accept-ranges: bytes
content-length: 78196
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
198.54.115.112 200 OK 13 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
IP 198.54.115.112:0
File type Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261\012- data
Hash f0f8230116992e521526097a28f54066
0447c6b10bbf73f97b23dcfd6e6a48510822cb6e
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=5.1.9
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/font-woff2
etag: "33dc-62ed7782-0;;;"
accept-ranges: bytes
content-length: 13276
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/woocommerce/assets/fonts/star.woff
198.54.115.112 200 OK 1.3 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/woocommerce/assets/fonts/star.woff
IP 198.54.115.112:0
File type Web Open Font Format, CFF, length 1304, version 1.0\012- data
Hash 335cbf607c55aa32fd06809d1f9eb127
e70dd0cd93614997e251f26477ea815435981e19
d87af7a2528beb59a990e0414df87b4e4115f77f3a4a750f6616ff189b70345a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/fonts/star.woff HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://vibeswardrobe.com/wp-content/themes/astra/assets/css/minified/compatibility/woocommerce/woocommerce.min.css?ver=3.7.7
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/font-woff
etag: "518-622ace7d-0;;;"
accept-ranges: bytes
content-length: 1304
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
198.54.115.112 200 OK 77 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP 198.54.115.112:0
File type Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Hash f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=5.1.9
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: application/font-woff2
etag: "12bdc-62ed7782-0;;;"
accept-ranges: bytes
content-length: 76764
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/uploads/2022/11/Free-Delivery-300x154-1.png
198.54.115.112 200 OK 7.8 kB URL HTTP/2 vibeswardrobe.com/wp-content/uploads/2022/11/Free-Delivery-300x154-1.png
IP 198.54.115.112:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a639ea6af2d55d78b8fb7de463e9c477
1fbe2a0928ab5fd72f770dcb2286def65f032ba7
aa80cbcd9f2238d41e7234a3206782a99b32e30c3c049a819e75bba11237a34b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/11/Free-Delivery-300x154-1.png HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: image/webp
last-modified: Thu, 24 Nov 2022 15:29:08 GMT
etag: "1e9c-637f8dc4-0;;;"
accept-ranges: bytes
content-length: 7836
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
vary: Accept
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/uploads/2022/11/banknotes-512.png
198.54.115.112 200 OK 18 kB URL HTTP/2 vibeswardrobe.com/wp-content/uploads/2022/11/banknotes-512.png
IP 198.54.115.112:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5a019311ee45e36c27d471239e48b8e7
cc61aa49dcaa543074966bfc8fc8c36053d2467e
be1083af9fe3f653b255183566f3a51cb68d6eb3c0e02e9582d92fbbc33b185d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/11/banknotes-512.png HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: image/webp
last-modified: Thu, 24 Nov 2022 15:33:20 GMT
etag: "4724-637f8ec0-0;;;"
accept-ranges: bytes
content-length: 18212
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
vary: Accept
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/uploads/2022/07/cropped-Vibes1-288x84.png
198.54.115.112 200 OK 7.4 kB URL HTTP/2 vibeswardrobe.com/wp-content/uploads/2022/07/cropped-Vibes1-288x84.png
IP 198.54.115.112:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5b89987f57b6a657da69f8ce9face216
4bcbac81e911d8e294b892736ea60d2750f8dda4
4db3b9d0ca6c57c0856e2dd8e1cc6873b5f98bd396d3bf543ee026688c5962b9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/07/cropped-Vibes1-288x84.png HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: image/webp
last-modified: Sat, 05 Nov 2022 22:23:45 GMT
etag: "1cce-6366e271-0;;;"
accept-ranges: bytes
content-length: 7374
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
vary: Accept
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/uploads/2022/11/online-support-512.png
198.54.115.112 200 OK 19 kB URL HTTP/2 vibeswardrobe.com/wp-content/uploads/2022/11/online-support-512.png
IP 198.54.115.112:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a49ed391f3e1421e2f9d03a4e56fc805
fc09a7722d2cd0e2e4e7b3a577f35b9e3feb7f14
bf0b0f047839c37f26c81e13acbe018fc861c30b43b001940fc8daa5179321ca
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/11/online-support-512.png HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: image/webp
last-modified: Thu, 24 Nov 2022 15:48:46 GMT
etag: "48fa-637f925e-0;;;"
accept-ranges: bytes
content-length: 18682
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
vary: Accept
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/uploads/2022/10/1-VIBES-WEB-MOB-BOX-.png
198.54.115.112 200 OK 56 kB URL HTTP/2 vibeswardrobe.com/wp-content/uploads/2022/10/1-VIBES-WEB-MOB-BOX-.png
IP 198.54.115.112:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x1080, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4a5c67e78dff24c564eb97dd607a8114
7655f7820465b2ce332a55bcb698b52be5e2b65d
f0ab59bfb97ea681d89dabced7375a3d16680f5f6322ad862ceade3262e109d8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/10/1-VIBES-WEB-MOB-BOX-.png HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: image/webp
last-modified: Wed, 19 Oct 2022 12:06:28 GMT
etag: "daf0-634fe844-0;;;"
accept-ranges: bytes
content-length: 56048
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
vary: Accept
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/uploads/2022/11/MOB-9-300x300.png
198.54.115.112 200 OK 15 kB URL HTTP/2 vibeswardrobe.com/wp-content/uploads/2022/11/MOB-9-300x300.png
IP 198.54.115.112:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 67bb80c965d033917c5c97f05f8f3a10
68a6654a49b9e664fd224b87245d46848ed64d28
4cc6dce20be8f8160368fd2f39505528e92133cf308c703525231bd743b7e877
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/11/MOB-9-300x300.png HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: image/webp
last-modified: Wed, 16 Nov 2022 02:16:08 GMT
etag: "3b52-637447e8-0;;;"
accept-ranges: bytes
content-length: 15186
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
vary: Accept
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/uploads/2022/11/MOB-12-300x300.png
198.54.115.112 200 OK 12 kB URL HTTP/2 vibeswardrobe.com/wp-content/uploads/2022/11/MOB-12-300x300.png
IP 198.54.115.112:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 75a2a29416fca4f50744301c1caa992c
905cb80b164439c4d9eef2edfcfeb4ef1e5a40bf
ae2627055a73077c5dfda103da0e17ca29d197c283a05b5713130b6208c643f0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/11/MOB-12-300x300.png HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: image/webp
last-modified: Wed, 16 Nov 2022 02:14:27 GMT
etag: "302a-63744783-0;;;"
accept-ranges: bytes
content-length: 12330
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
vary: Accept
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/uploads/2022/08/VIBES-Men-shirts.webp
198.54.115.112 200 OK 45 kB URL HTTP/2 vibeswardrobe.com/wp-content/uploads/2022/08/VIBES-Men-shirts.webp
IP 198.54.115.112:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5243e08b5c196a4960ae21afd46e2e8b
a2e0875400d74c141a8c5a03a3f88a9a9a78211d
f5f1390b65e7da60ca560171ee5989cdf151d8ef9e26238df5583011fd2f0cbb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/VIBES-Men-shirts.webp HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: image/webp
last-modified: Sat, 06 Aug 2022 23:14:52 GMT
etag: "b0da-62eef5ec-0;;;"
accept-ranges: bytes
content-length: 45274
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/uploads/2022/11/MOB-13-300x300.png
198.54.115.112 200 OK 9.7 kB URL HTTP/2 vibeswardrobe.com/wp-content/uploads/2022/11/MOB-13-300x300.png
IP 198.54.115.112:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ad5453b701ce18f385033129f573669a
eba99a082b63560783832e032cdb1e193e3c300d
0d958a1ca27f5288c24c884d161c27a5c95eb3f90887755acef0bb7c247f0409
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/11/MOB-13-300x300.png HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: image/webp
last-modified: Wed, 16 Nov 2022 02:18:09 GMT
etag: "25b8-63744861-0;;;"
accept-ranges: bytes
content-length: 9656
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
vary: Accept
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/uploads/2022/11/MOB-10-300x300.png
198.54.115.112 200 OK 8.6 kB URL HTTP/2 vibeswardrobe.com/wp-content/uploads/2022/11/MOB-10-300x300.png
IP 198.54.115.112:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 60711140c319b9aa5a4e6942d43593ea
78619528e4d5dbba4a368dc57cf4e8f2b82aeeb5
90d39f0400d4934bf9163b95467da6db6b551c45b3dd0b3b3ce311ac2038c90f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/11/MOB-10-300x300.png HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: image/webp
last-modified: Wed, 16 Nov 2022 02:20:17 GMT
etag: "2176-637448e1-0;;;"
accept-ranges: bytes
content-length: 8566
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
vary: Accept
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/uploads/2022/08/VIBES-Women-shirts.webp
198.54.115.112 200 OK 76 kB URL HTTP/2 vibeswardrobe.com/wp-content/uploads/2022/08/VIBES-Women-shirts.webp
IP 198.54.115.112:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b86d3eedb1630936d6da5e0ff5d2b0c0
aca6b8b2508217957e87e456b38649f3ab9d78f6
8b5a6936900d5a3776ede81ea1a7d63c0cb52e4c082fca070bfd16048e4bdc05
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/VIBES-Women-shirts.webp HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: image/webp
last-modified: Sat, 06 Aug 2022 23:13:33 GMT
etag: "12920-62eef59d-0;;;"
accept-ranges: bytes
content-length: 76064
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/uploads/2022/08/VIBES-Men-shoes.webp
198.54.115.112 200 OK 153 kB URL HTTP/2 vibeswardrobe.com/wp-content/uploads/2022/08/VIBES-Men-shoes.webp
IP 198.54.115.112:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 153 kB (153406 bytes)
Hash 5bd05ef951a661c6b9ec9e9ecd4dde69
f84e3c1142233f37ccd9f6d6dd80375a5bf9583c
6757db57520ebac72b7493991ac806d1e7ebd68b2623d1e02d216ab80f21f1ca
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/VIBES-Men-shoes.webp HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:47 GMT
content-type: image/webp
last-modified: Sat, 06 Aug 2022 23:14:31 GMT
etag: "2573e-62eef5d7-0;;;"
accept-ranges: bytes
content-length: 153406
date: Thu, 01 Dec 2022 09:54:47 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.6da75281e733e539a9ad.bundle.min.js
198.54.115.112 200 OK 1.1 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.6da75281e733e539a9ad.bundle.min.js
IP 198.54.115.112:0
File type ASCII text, with very long lines (3155)
Hash 2e06d564180ca6de2b96c4b51d3dd89e
7598b842d894bc40fd8e685a3bc68122473eeb34
e79b116d4f37b6df9ba0810ab330fd77c932fe9b9f52acdd233a90a4afe7fd48
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/js/nav-menu.6da75281e733e539a9ad.bundle.min.js HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:48 GMT
content-type: application/x-javascript
last-modified: Sun, 09 May 2021 07:33:38 GMT
etag: "c7e-60979052-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1074
date: Thu, 01 Dec 2022 09:54:48 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
198.54.115.112 200 OK 34 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP 198.54.115.112:0
File type ASCII text, with very long lines (65280)
Hash 83a90323ac82b98062b4b2c8ac8c5051
d7d376677e3546b756b4fec6219be72b85c4f8f5
7fd68e9ea0ebd35958da46d7373113d1a3646a671217cf2cf471c65c3d710613
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:48 GMT
content-type: application/x-javascript
last-modified: Fri, 05 Aug 2022 20:03:14 GMT
etag: "21f91-62ed7782-0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 34004
date: Thu, 01 Dec 2022 09:54:48 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/uploads/2022/11/3a-Vibes-Web-Phone-Cover.png
198.54.115.112 200 OK 49 kB URL HTTP/2 vibeswardrobe.com/wp-content/uploads/2022/11/3a-Vibes-Web-Phone-Cover.png
IP 198.54.115.112:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 31f54c743631637ddb3e085b6b187dd4
b4a17f7e37873dbc742d25db181ca3dbffc68937
7da520b359abc7e0a73658e6cb380cd9d4548fc612a9a50e1aeb17734d9c5180
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/11/3a-Vibes-Web-Phone-Cover.png HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:48 GMT
content-type: image/webp
last-modified: Tue, 15 Nov 2022 02:01:40 GMT
etag: "bf46-6372f304-0;;;"
accept-ranges: bytes
content-length: 48966
date: Thu, 01 Dec 2022 09:54:48 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
vary: Accept
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/uploads/2022/11/6-Vibes-Web-Cover6-2.png
198.54.115.112 200 OK 52 kB URL HTTP/2 vibeswardrobe.com/wp-content/uploads/2022/11/6-Vibes-Web-Cover6-2.png
IP 198.54.115.112:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6187215d23aee20ac9a164751f3afc64
e78777bcfe22e20ee7f48f3fb4df9a4763824d77
15a0c952019bdc25aa96baeee2f1b2fd57121562f2a977a781264f768ff99bff
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/11/6-Vibes-Web-Cover6-2.png HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:48 GMT
content-type: image/webp
last-modified: Sat, 05 Nov 2022 18:52:48 GMT
etag: "cc6e-6366b100-0;;;"
accept-ranges: bytes
content-length: 52334
date: Thu, 01 Dec 2022 09:54:48 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
vary: Accept
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/?wc-ajax=get_refreshed_fragments
198.54.115.112 200 OK 566 B URL HTTP/2 vibeswardrobe.com/?wc-ajax=get_refreshed_fragments
IP 198.54.115.112:0
File type JSON data\012- , ASCII text, with very long lines (566), with no line terminators
Hash beb7cc69608766aa65b7beb5d692d879
2d3d472bbe6d26e05f25b7ef5e9d76657f659d1d
6ab087e044eeb49245baa50c53c3248697bac6cdab3c1cbf28653da4c657eaa8
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://vibeswardrobe.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://vibeswardrobe.com
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
content-type: application/json; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-length: 566
date: Thu, 01 Dec 2022 09:54:48 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.15.0
198.54.115.112 200 OK 92 kB URL HTTP/2 vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.15.0
IP 198.54.115.112:0
File type Web Open Font Format (Version 2), TrueType, length 92444, version 1.0\012- data
Hash e5d9164498f1649084fe6fb95d3ad593
29e71123f8ef22f20f8d50bc4caac9db6e04a824
1525cd3ea05d1c00e4b385e781749c3bac5c01570b5800198bec0a252bb6c715
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.15.0 HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://vibeswardrobe.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:48 GMT
content-type: application/font-woff2
etag: "1691c-62ed7782-0;;;"
accept-ranges: bytes
content-length: 92444
date: Thu, 01 Dec 2022 09:54:48 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/uploads/2022/11/cropped-Vibes-192x192.png
198.54.115.112 200 OK 1.5 kB URL HTTP/2 vibeswardrobe.com/wp-content/uploads/2022/11/cropped-Vibes-192x192.png
IP 198.54.115.112:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 192x192, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0ab85892fafcf267d48413280130540a
50f9e20b5c5a4caa6688539577ce1ca3e033eb0d
3fc98fa113ebb59dda652db9821357be96b56e1acaac5ea3df6e30ad8ea34a84
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/11/cropped-Vibes-192x192.png HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:48 GMT
content-type: image/webp
last-modified: Sat, 05 Nov 2022 22:23:28 GMT
etag: "5ec-6366e260-0;;;"
accept-ranges: bytes
content-length: 1516
date: Thu, 01 Dec 2022 09:54:48 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
vary: Accept
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/wp-content/uploads/2022/11/cropped-Vibes-32x32.png
198.54.115.112 200 OK 448 B URL HTTP/2 vibeswardrobe.com/wp-content/uploads/2022/11/cropped-Vibes-32x32.png
IP 198.54.115.112:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 32x32, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6abc6b8ec54765289db7d65501399a6e
053c0f5c1bb485b4eb78d84ba046f56ec7f4a34a
1e4d2a8eb019d3ae35981c07606b587d592e3f5a52e003c6676bc9953eda1ef2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/11/cropped-Vibes-32x32.png HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vibeswardrobe.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 01 Dec 2023 09:54:48 GMT
content-type: image/webp
last-modified: Sat, 05 Nov 2022 22:23:29 GMT
etag: "1c0-6366e261-0;;;"
accept-ranges: bytes
content-length: 448
date: Thu, 01 Dec 2022 09:54:48 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
vary: Accept
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
vibeswardrobe.com/
198.54.115.112 200 OK 0 B IP 198.54.115.112:0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: vibeswardrobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
link: <https://vibeswardrobe.com/wp-json/>; rel="https://api.w.org/", <https://vibeswardrobe.com/wp-json/wp/v2/pages/1128>; rel="alternate"; type="application/json", <https://vibeswardrobe.com/>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Dec 2022 09:54:45 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2