Report - 18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf

Report Overview

Submitted URL
18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
IP
119.18.58.80
ASN
#394695 PUBLIC-DOMAIN-REGISTRY
Submitted
2022-12-02 17:43:24
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
124

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
18fire.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	444 B	603 B	119.18.58.80
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	5.6 kB	142.250.74.131
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	52 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	44.240.159.184
www.18fire.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	50 kB	1.5 MB	119.18.58.80
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	258 kB	216.58.207.227
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	307 B	6.3 kB	142.250.74.170
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	823 B	2.3 kB	142.250.74.106
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-02	medium	18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf	Phishing
2022-12-02	medium	www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf	Phishing
2022-12-02	medium	www.18fire.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.12	Phishing
2022-12-02	medium	www.18fire.com/wp-content/plugins/essential-grid/public/assets/css/settings.css?ver=2.3.3	Phishing
2022-12-02	medium	www.18fire.com/wp-content/plugins/essential-grid/public/assets/font/fontello/css/fontello.css?ver=2.3.3	Phishing
2022-12-02	medium	www.18fire.com/wp-content/plugins/woocommerce-multiple-currencies/css/frontend-currency-selector-menu.css?ver=5.4.12	Phishing
2022-12-02	medium	www.18fire.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.2.0	Phishing
2022-12-02	medium	www.18fire.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=4.3.6	Phishing
2022-12-02	medium	www.18fire.com/wp-content/plugins/size-chart-woocommerce/includes/css/ocscw_front_style.css?ver=1.0.0	Phishing
2022-12-02	medium	www.18fire.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=4.3.6	Phishing
2022-12-02	medium	www.18fire.com/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=5.4.12	Phishing
2022-12-02	medium	www.18fire.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.17	Phishing
2022-12-02	medium	www.18fire.com/wp-content/themes/monsta/js/slick/slick.css?ver=1.6.0	Phishing
2022-12-02	medium	www.18fire.com/wp-content/themes/monsta/js/chosen/chosen.min.css?ver=1.3.0	Phishing
2022-12-02	medium	www.18fire.com/wp-content/themes/monsta/js/fancybox/helpers/jquery.fancybox-buttons.css?ver=1.0.5	Phishing
2022-12-02	medium	www.18fire.com/wp-content/themes/monsta/style.css?ver=5.4.12	Phishing
2022-12-02	medium	www.18fire.com/wp-content/themes/monsta/css/font-awesome.min.css?ver=4.2.0	Phishing
2022-12-02	medium	www.18fire.com/wp-content/themes/monsta/css/plaza-font.css?ver=1.0	Phishing
2022-12-02	medium	www.18fire.com/wp-content/themes/monsta/css/animate.css?ver=5.4.12	Phishing
2022-12-02	medium	www.18fire.com/wp-content/themes/monsta/css/owl.carousel.css?ver=1.3.3	Phishing
2022-12-02	medium	www.18fire.com/wp-content/themes/monsta/css/stroke-gap-icons.css?ver=1.0.0	Phishing
2022-12-02	medium	www.18fire.com/wp-content/themes/monsta/css/opt_css.css?ver=1.0.0	Phishing
2022-12-02	medium	www.18fire.com/wp-content/plugins/mega_main_menu/framework/src/css/icomoon.css?ver=2.2.0	Phishing
2022-12-02	medium	www.18fire.com/wp-content/themes/monsta/css/bootstrap.min.css?ver=3.2.0	Phishing
2022-12-02	medium	www.18fire.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1	Phishing
2022-12-02	medium	www.18fire.com/wp-content/plugins/woocommerce-multiple-currencies/js/frontend-currency-selector-menu.js?ver=5.4.12	Phishing
2022-12-02	medium	www.18fire.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.17	Phishing
2022-12-02	medium	www.18fire.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp	Phishing
2022-12-02	medium	www.18fire.com/wp-content/plugins/size-chart-woocommerce/includes/js/ocscw_front_script.js?ver=1.0.0	Phishing
2022-12-02	medium	www.18fire.com/wp-content/themes/monsta/js/TimeCircles.js?ver=1	Phishing
2022-12-02	medium	www.18fire.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0	Phishing
2022-12-02	medium	www.18fire.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.min.css?ver=4.7.0	Phishing
2022-12-02	medium	www.18fire.com/wp-content/plugins/super-forms/assets/css/fonts/css/all.min.css?ver=4.9.512	Phishing
2022-12-02	medium	www.18fire.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0	Phishing
2022-12-02	medium	www.18fire.com/wp-content/themes/monsta/css/theme1.css?ver=1.0.0	Phishing
2022-12-02	medium	www.18fire.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4	Phishing
2022-12-02	medium	www.18fire.com/wp-content/plugins/super-forms/assets/css/frontend/elements.css?ver=4.9.512	Phishing
2022-12-02	medium	www.18fire.com/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6	Phishing
2022-12-02	medium	www.18fire.com/wp-content/themes/monsta/js/slick/slick.min.js?ver=1.6.0	Phishing
2022-12-02	medium	www.18fire.com/wp-content/themes/monsta/js/chosen/chosen.jquery.min.js?ver=1.3.0	Phishing
2022-12-02	medium	www.18fire.com/wp-content/themes/monsta/js/chosen/chosen.proto.min.js?ver=1.3.0	Phishing
2022-12-02	medium	www.18fire.com/wp-content/themes/monsta/js/fancybox/jquery.fancybox.pack.js?ver=2.1.5	Phishing
2022-12-02	medium	www.18fire.com/wp-content/themes/monsta/js/fancybox/helpers/jquery.fancybox-media.js?ver=1.0.6	Phishing
2022-12-02	medium	www.18fire.com/wp-content/themes/monsta/js/fancybox/helpers/jquery.fancybox-thumbs.js?ver=1.0.7	Phishing
2022-12-02	medium	www.18fire.com/wp-content/themes/monsta/js/modernizr.custom.min.js?ver=2.6.2	Phishing
2022-12-02	medium	www.18fire.com/wp-content/themes/monsta/js/superfish/superfish.min.js?ver=1.3.15	Phishing
2022-12-02	medium	www.18fire.com/wp-content/themes/monsta/js/jquery.shuffle.min.js?ver=3.0.0	Phishing
2022-12-02	medium	www.18fire.com/wp-content/themes/monsta/js/jquery.mousewheel.min.js?ver=3.1.12	Phishing
2022-12-02	medium	www.18fire.com/wp-content/themes/monsta/js/jquery.countdown.min.js?ver=2.0.4	Phishing
2022-12-02	medium	www.18fire.com/wp-content/themes/monsta/js/jquery.counterup.min.js?ver=1.0	Phishing
2022-12-02	medium	www.18fire.com/wp-content/themes/monsta/js/variables.js?ver=20140826	Phishing
2022-12-02	medium	www.18fire.com/wp-content/themes/monsta/js/theme-monsta.js?ver=20140826	Phishing
2022-12-02	medium	www.18fire.com/wp-content/plugins/mega_main_menu/src/js/frontend.js?ver=2.2.0	Phishing
2022-12-02	medium	www.18fire.com/wp-includes/js/wp-embed.min.js?ver=5.4.12	Phishing
2022-12-02	medium	www.18fire.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=4.3.6	Phishing
2022-12-02	medium	www.18fire.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.2.0	Phishing
2022-12-02	medium	www.18fire.com/wp-content/plugins/woocommerce-multiple-currencies/js/frontend-currency-controller.js?ver=5.4.12	Phishing
2022-12-02	medium	www.18fire.com/wp-content/plugins/super-forms/assets/js/frontend/elements.js?ver=4.9.512	Phishing
2022-12-02	medium	www.18fire.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=4.3.6	Phishing
2022-12-02	medium	www.18fire.com/wp-content/themes/monsta/fonts/ionicons.ttf?v=2.0.0	Phishing
2022-12-02	medium	www.18fire.com/?wc-ajax=get_refreshed_fragments	Phishing
2022-12-02	medium	www.18fire.com/?wc-ajax=get_refreshed_fragments	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (63)

	URL	Size	First Seen	Last Seen
	www.18fire.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.17	119 kB	2023-03-07	2024-05-09
Pretty URL www.18fire.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.17 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:17 Last Seen2024-05-09 14:46:04 Times Seen3775 Hash 1eca6ed028850aa07d5f4a003fd7079e 1f02b8c5485108373bdd14a96bb1fe22d72e157b 9556bca5ad5eb24439887d7339fcb687088776bbaa995553aa489c9607cf9e19 Loading...

	www.18fire.com/wp-content/plugins/woocommerce-multiple-currencies/js/frontend-currency-selector-menu.js?ver=5.4.12	95 B	2023-03-08	2024-03-12
Pretty URL www.18fire.com/wp-content/plugins/woocommerce-multiple-currencies/js/frontend-currency-selector-menu.js?ver=5.4.12 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:42:54 Last Seen2024-03-12 00:27:53 Times Seen28 Hash 8cc7dfccfd78456448cbdfdebe69796d 9746b93ae5b91c369f4ba51d7019882a10fc6f7a ae0f725fce581fd13b75c9b8a63271282ce9d093208c5230cc62e6eb2086d1b7 Loading...

	www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf	2.3 kB	2023-03-07	2024-05-10
Pretty URL www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:18 Last Seen2024-05-10 08:19:03 Times Seen4827 Hash 6f740b956919fbaa673bb496be184ac1 fa7d2aef8069f1be31c655fb889c897eae36757a c8d83f1bd6a850a6f197b9bcce38828132ad627358b9c2c78e7c4bef4d22c304 Loading...

	www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf	1.0 kB	2023-03-08	2023-03-08
Pretty URL www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:42:54 Last Seen2023-03-08 14:42:54 Times Seen1 Hash 20d827739fee1efc1a02ae62a75ca101 a1c7068b9d7fcd5e1a496e6489caeb422865535c 79cdb0b6f337771e000048a4c98c131290b1288a1a5a9c63c44227557973b248 Loading...

	www.18fire.com/wp-content/themes/monsta/js/fancybox/helpers/jquery.fancybox-thumbs.js?ver=1.0.7	3.8 kB	2023-03-07	2024-05-10
Pretty URL www.18fire.com/wp-content/themes/monsta/js/fancybox/helpers/jquery.fancybox-thumbs.js?ver=1.0.7 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2024-05-10 08:04:12 Times Seen968 Hash cf1fc1df534eede4cb460c5cbd71aba6 53e194f4a72e649c04fb586dd57762b8c022800b 0ba02b924fc5beeb370ed64d478401e94a513e970cac2c46266c708348135cf2 Loading...

	www.18fire.com/wp-content/themes/monsta/js/waypoints.min.js?ver=1.0	8.0 kB	2023-03-07	2024-05-09
Pretty URL www.18fire.com/wp-content/themes/monsta/js/waypoints.min.js?ver=1.0 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:26 Last Seen2024-05-09 22:31:03 Times Seen6840 Hash dfe0eedf8da578f4a4c43b05448c51d9 812d7071b4e44b1aa5d5ea6c7ce0b79eb9d46520 a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833 Loading...

	www.18fire.com/wp-content/themes/monsta/js/jquery.counterup.min.js?ver=1.0	1.1 kB	2023-03-07	2024-05-09
Pretty URL www.18fire.com/wp-content/themes/monsta/js/jquery.counterup.min.js?ver=1.0 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-09 19:27:07 Times Seen14781 Hash ef36cca760bf1cd76cfcd0e4dc10cef1 ef38469f60d58850fe55c4de2ec7e289a2415d71 26d40f8ffdf1b9bf286a954c6888a33cda0cd031e802d821fe0c0562e379ae29 Loading...

	www.18fire.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.2.0	21 kB	2023-03-07	2024-05-09
Pretty URL www.18fire.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.2.0 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:58 Last Seen2024-05-09 14:46:04 Times Seen697 Hash 463cf6ebc00dd2045999aadbcb73a74a 52185ae4be6f23dc20aaa58b86c1f98db3f840d9 9be6923457d76debf4c512fac0a2173aaa94748868d26566515ce2a4156d083d Loading...

	www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf	194 B	2023-03-08	2023-03-08
Pretty URL www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:42:54 Last Seen2023-03-08 14:42:54 Times Seen1 Hash 25268c8df5c9eac82d8881e94929c741 035cf92c7d6c3c72c230c760c8f7996b162ee26b 090814b19893561b28b175490ad5f4300d49dbb30c56f8e75737222ae20e327d Loading...

	www.18fire.com/wp-content/themes/monsta/js/modernizr.custom.min.js?ver=2.6.2	3.1 kB	2023-03-07	2024-04-02
Pretty URL www.18fire.com/wp-content/themes/monsta/js/modernizr.custom.min.js?ver=2.6.2 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:24 Last Seen2024-04-02 13:57:14 Times Seen488 Hash 6ab50f7923c5f783c336d1bf3a579c1b fc75cd09d3084021048a41da9c47f2fe42ad96eb 6a1fe0907100410728ab4d870e8b1cca4b9ce788b9c87e83444dd0cd5818ca3e Loading...

	www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf	96 B	2023-03-07	2024-05-10
Pretty URL www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:51 Last Seen2024-05-10 11:49:22 Times Seen10767 Hash eb3a538fd2a39c22198e72c3b9f498a7 c966ebdbd2701a0980a85671126664f3892d4f1e ac233233e7bcaf806041b243578fab081dced8a045d9a82756410da9ea2382a1 Loading...

	www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf	3.1 kB	2023-03-08	2023-03-08
Pretty URL www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:42:54 Last Seen2023-03-08 14:42:54 Times Seen1 Hash 928b87884ee2f1fc4be82fc6123d1d18 52fe01eb11e556d3f5e0b5c8b9969f7ebb2cbb51 32f0890f64250c4c2fe1ce94ef486ec8b9986eae9e69ad4587a8236e996bcbb1 Loading...

	www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf	346 B	2023-03-08	2023-03-08
Pretty URL www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:42:54 Last Seen2023-03-08 14:42:54 Times Seen1 Hash 927754c922c4618a07c9ac32a18bab52 2d979d12259c05cacb920c02384b08a7a79c81e8 79205e2d36bcc6682bad270a1cc2b55af8ffb21b7c6d51f68bce1e13fed1ee0b Loading...

	www.18fire.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=3.0.11	22 kB	2023-03-08	2023-12-28
Pretty URL www.18fire.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=3.0.11 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:33:28 Last Seen2023-12-28 12:51:04 Times Seen71 Hash 7780cd767df418366a66bc1f0a238ea4 eee23dcfb4c5047106a93ebe6058216a4dbdf839 3293c72e645ec575478069db54d1300fcfe70acab82e9384c1b683783a0984bb Loading...

	www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf	212 B	2023-03-08	2023-03-08
Pretty URL www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:42:54 Last Seen2023-03-08 14:42:54 Times Seen1 Hash 14891a6487d8a884e6e4786e23340ab2 1c7d280635a73fc6d5ffb03fd2a27589548263d2 b77abb912a4713d757186c6c2659e19da4aa190f07b59af5d6f035e723b73d66 Loading...

	www.18fire.com/wp-content/themes/monsta/js/owl.carousel.min.js?ver=2.3.4	44 kB	2023-03-07	2024-05-10
Pretty URL www.18fire.com/wp-content/themes/monsta/js/owl.carousel.min.js?ver=2.3.4 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-05-10 08:51:24 Times Seen20410 Hash f416f9031fef25ae25ba9756e3eb6978 e2a600e433df72b4cfde93d7880e3114917a3cbe a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d Loading...

	www.18fire.com/wp-content/themes/monsta/js/TimeCircles.js?ver=1	35 kB	2023-03-08	2023-08-03
Pretty URL www.18fire.com/wp-content/themes/monsta/js/TimeCircles.js?ver=1 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:42:54 Last Seen2023-08-03 01:49:01 Times Seen5 Hash d2c38b30c528d2a81c956a758cadb916 c6b1ebb97d11c97eaeb5b9c4c2d6815aa5fc138f 97e2bda01fcc93e807398331c5b5488fb3b3fc20986d007280be62778494d221 Loading...

	unknown	0 B	2023-03-07	2024-05-10
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-10 12:11:25 Times Seen37504161 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.18fire.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4	1.8 kB	2023-03-07	2024-05-09
Pretty URL www.18fire.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2024-05-09 18:10:30 Times Seen4804 Hash 943f6eb962c25bd965e0f0e5a284fcd0 b050a98ebaef01d7597bf8c1acb995c0ef3bcbd9 50de09b0bb8d0ac656aa9b3a1e4ef58a3f2d1abd734cad68b0e12191e9d215ea Loading...

	www.18fire.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=4.3.6	2.9 kB	2023-03-07	2024-05-08
Pretty URL www.18fire.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=4.3.6 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2024-05-08 21:50:36 Times Seen2009 Hash 3518c9cf4786d55c48e6b318cdf3c8de ee13e5307a87355b9c35aa2e2907f642839a80cf bed0bd033705c33f1742d8fab2bfed8e945567319fd00e529838392eca49eac0 Loading...

	www.18fire.com/wp-content/themes/monsta/js/bootstrap.min.js?ver=3.2.0	32 kB	2023-03-07	2024-05-10
Pretty URL www.18fire.com/wp-content/themes/monsta/js/bootstrap.min.js?ver=3.2.0 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2024-05-10 08:07:47 Times Seen4215 Hash abda843684d022f3bc22bc83927fe05f 26908395e7a9a4eab607d80aa50a81d65f3017cb 24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f Loading...

	ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js	13 kB	2023-03-07	2024-05-10
Pretty URL ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:17 Last Seen2024-05-10 11:52:57 Times Seen22907 Hash 7c96a5f11d9741541d5e3c42ff6380d7 d3fa2564c021cf730e58ffddb138cf6b57ed126e 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Loading...

	www.18fire.com/wp-content/plugins/size-chart-woocommerce/includes/js/ocscw_front_script.js?ver=1.0.0	2.0 kB	2023-03-08	2023-03-08
Pretty URL www.18fire.com/wp-content/plugins/size-chart-woocommerce/includes/js/ocscw_front_script.js?ver=1.0.0 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:42:54 Last Seen2023-03-08 14:42:54 Times Seen1 Hash 9aadb51c1d23b1ce5dc8d713f5d7f9f5 dcd2a471fa3278118584f433b4a034cc5d91c67b 5c202eef948d24b5eb2c2f69f254298e0c8447a3071f663aa349ef9fbf9af17e Loading...

	www.18fire.com/wp-content/themes/monsta/js/fancybox/jquery.fancybox.pack.js?ver=2.1.5	23 kB	2023-03-07	2024-05-10
Pretty URL www.18fire.com/wp-content/themes/monsta/js/fancybox/jquery.fancybox.pack.js?ver=2.1.5 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:05 Last Seen2024-05-10 10:40:08 Times Seen4562 Hash cc9e759f24ba773aeef8a131889d3728 53360764b429c212f424399384417ccc233bb3be bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347 Loading...

	www.18fire.com/wp-content/themes/monsta/js/fancybox/helpers/jquery.fancybox-buttons.js?ver=1.0.5	3.0 kB	2023-03-07	2024-05-06
Pretty URL www.18fire.com/wp-content/themes/monsta/js/fancybox/helpers/jquery.fancybox-buttons.js?ver=1.0.5 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2024-05-06 13:36:13 Times Seen430 Hash f53c246661fb995a3f12e67fa38e0fa0 91e41741c2e93f732c82aaacec4cfc6e3f3ec876 2d63b8ad7966c80ce51051da38da14f52b99cfb019aec650b2437fc74fac1560 Loading...

	www.18fire.com/wp-content/themes/monsta/js/superfish/superfish.min.js?ver=1.3.15	4.3 kB	2023-03-07	2024-05-03
Pretty URL www.18fire.com/wp-content/themes/monsta/js/superfish/superfish.min.js?ver=1.3.15 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39:12 Last Seen2024-05-03 08:12:05 Times Seen177 Hash 2b93a3aca5d8ef8b8acfc24fd5d75b8e 728614d29875fe0d322ed1c8aeba6253f1eba811 c6fd16c8647ea8f1409657c80ab96b603a45f6a4d83c657c4eda10591a7903b8 Loading...

	www.18fire.com/wp-content/themes/monsta/js/jquery.mousewheel.min.js?ver=3.1.12	2.8 kB	2023-03-07	2024-05-09
Pretty URL www.18fire.com/wp-content/themes/monsta/js/jquery.mousewheel.min.js?ver=3.1.12 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:49 Last Seen2024-05-09 09:38:29 Times Seen1379 Hash 639d1c35a685d111aa4a509a2dbf660c d0991ef04e2dd8fd1b0cb0c8bb0f1026649d9b25 1fdbb2180496fca532f43deaffec879f8ca6990258b38a469aed4120d6c0d2fe Loading...

	www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf	446 B	2023-03-08	2023-03-08
Pretty URL www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:42:54 Last Seen2023-03-08 14:42:54 Times Seen1 Hash 319fc8b73afa31060254c3497225aaab 0e02b31d5d38df47144c14ed8783f1db8b6f872b 4d9857e57b4ef4299792799deffd70a4d535f0b03238aff50a45512e7af6c9d3 Loading...

	www.18fire.com/wp-content/themes/monsta/js/slick/slick.min.js?ver=1.6.0	42 kB	2023-03-07	2024-05-10
Pretty URL www.18fire.com/wp-content/themes/monsta/js/slick/slick.min.js?ver=1.6.0 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-05-10 01:57:40 Times Seen5240 Hash b53bdfc29e18f4d493d775a8023fbdc8 e9fcbcc4fa70cba093b81d982a1b78509414cef7 e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752 Loading...

	www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf	2.2 kB	2023-03-08	2023-03-08
Pretty URL www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:42:54 Last Seen2023-03-08 14:42:54 Times Seen1 Hash d13f63c8b31bb343a45945b0907ee13f 7728c8d34986821880778dabe748d045635a64a2 178eeadf37af079205396f7349ff645dcf8e466550912bab3613cbff653bb839 Loading...

	www.18fire.com/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6	22 kB	2023-03-07	2024-05-06
Pretty URL www.18fire.com/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:48 Last Seen2024-05-06 08:06:01 Times Seen1027 Hash e2335332e53dd86db3fb0c9fc25457af 9c2a6a68bbc2276abab96358fe2a54b014982cb9 d80483c2fe131fd9d01d51b0378e0c3e2a7571e91f4f0fbd37de6276a1b464d7 Loading...

	www.18fire.com/wp-content/themes/monsta/js/jquery.shuffle.min.js?ver=3.0.0	13 kB	2023-03-07	2024-02-01
Pretty URL www.18fire.com/wp-content/themes/monsta/js/jquery.shuffle.min.js?ver=3.0.0 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:36 Last Seen2024-02-01 12:29:00 Times Seen67 Hash 54fcfddd4e512c1b92cd0b5486e6ca8f ffb953e2d036ff0d72aeaac3d8b8587358fc4b3f 6592712c1dfa4fcf94be74b77fa551283c7678cb939b11553e06e69f41dcb024 Loading...

	www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf	487 B	2023-03-08	2023-03-08
Pretty URL www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:42:54 Last Seen2023-03-08 14:42:54 Times Seen1 Hash 028ab602d7d96c55a65ab78ce053ee3e 6dd6c92d52d2fd5c8157fd5e2431872f3e393a21 f144da62a56a726d2223e16db97cfd730d8060b6798d111b79444238645fc483 Loading...

	www.18fire.com/wp-content/plugins/super-forms/assets/js/frontend/common.js?ver=4.9.512	1.3 kB	2023-03-08	2023-06-27
Pretty URL www.18fire.com/wp-content/plugins/super-forms/assets/js/frontend/common.js?ver=4.9.512 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:42:54 Last Seen2023-06-27 13:06:24 Times Seen3 Hash 66ab315cedd9b7f4e84c91019c86c992 8e598d197ab2406af44ab0427a127f54d6e5cec9 31757d32db1f2e1e3317e5cd48cbdefa8724ce69365d39ecdc26b75dbb994328 Loading...

	www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf	517 B	2023-03-08	2023-03-08
Pretty URL www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:42:54 Last Seen2023-03-08 14:42:54 Times Seen1 Hash 94bf36612091b0fddcb83e5ec6daf0d0 0a0d6ac93b8eab5d94ef911443b2e26e6b1a1acf e98ff7a2eed92c6a8135c84ff59167cf6dddfa576f2351feea5e250d5e429380 Loading...

	www.18fire.com/wp-includes/js/wp-embed.min.js?ver=5.4.12	1.4 kB	2023-03-07	2024-05-10
Pretty URL www.18fire.com/wp-includes/js/wp-embed.min.js?ver=5.4.12 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:18 Last Seen2024-05-10 10:26:28 Times Seen6968 Hash 905225d5711b559d3092387d5ffbedbd 6f6c39075263bafb9e8c10f1b34a1a0f7ee03c9d 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991 Loading...

	www.18fire.com/wp-includes/js/underscore.min.js?ver=1.8.3	16 kB	2023-03-07	2024-05-09
Pretty URL www.18fire.com/wp-includes/js/underscore.min.js?ver=1.8.3 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:36 Last Seen2024-05-09 11:49:11 Times Seen2093 Hash 203eeb8dd53e84fb53b7aeffb562d825 b4b4361a61ee78717bdcffe5c46ea79cdc3e04ae 6cd0d6897b3d4779f7d88ce72531f22fbf75851b195fb14e6f3f23d051b3d1e9 Loading...

	www.18fire.com/wp-includes/js/wp-util.min.js?ver=5.4.12	1.1 kB	2023-03-07	2024-05-09
Pretty URL www.18fire.com/wp-includes/js/wp-util.min.js?ver=5.4.12 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:03 Last Seen2024-05-09 04:33:36 Times Seen1094 Hash 8852ab48e7d14f035a27f3c15d31c054 eed53bd391b539796dfe3b5bc5849170ab77c987 6d7c73e67cbb5215d633ce9ad65f0c0377004621fce62982568024178ac4b589 Loading...

	www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf	750 B	2023-03-08	2023-05-15
Pretty URL www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:54:34 Last Seen2023-05-15 18:00:32 Times Seen2 Hash dd716db86a8800b0cecd45e62c0efbd7 35a6332eb4728192f64b9719511104d6747c0a5c aba046c1c254b4d4583eac5e099fdb7e562696d0568fd66340eb9742bfabc57e Loading...

	www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf	96 B	2023-03-07	2024-05-10
Pretty URL www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-05-10 11:55:18 Times Seen3589 Hash d8772bfb2ec7dec5262a932766aa1669 8440292e305868d90f6f15a3ea6975a3b9774f43 c19c2ee1fc048012374a6d75c822daf9b7c0d4ebef7ab8df1ab22b229a00d012 Loading...

	www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf	294 B	2023-03-08	2023-03-08
Pretty URL www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:42:54 Last Seen2023-03-08 14:42:54 Times Seen1 Hash b9fb954314c90c792a68d327a5804db8 abbb41f52755eb353d0fb763a57e321d23531faf 749b3fb7cd0a7ff18eb1f540feedbfaf6d10a1673342c0ccc14bac949cfa2494 Loading...

	www.18fire.com/wp-content/themes/monsta/js/chosen/chosen.jquery.min.js?ver=1.3.0	28 kB	2023-03-07	2024-04-13
Pretty URL www.18fire.com/wp-content/themes/monsta/js/chosen/chosen.jquery.min.js?ver=1.3.0 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:24 Last Seen2024-04-13 01:21:13 Times Seen68 Hash 8786a9ac3b0cc1f8e6621ea6c7f5eba5 04000831b83c6b8863875137fe3a9a3ed1bd2e8a 44a3c1ee61dfeeb01f9aa4539c3dd1d81da1c6b042666f31b1a9ef9c822002af Loading...

	www.18fire.com/wp-content/themes/monsta/js/jquery.countdown.min.js?ver=2.0.4	4.6 kB	2023-03-07	2024-05-03
Pretty URL www.18fire.com/wp-content/themes/monsta/js/jquery.countdown.min.js?ver=2.0.4 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:28 Last Seen2024-05-03 08:12:05 Times Seen450 Hash f67da8ef1bb72583a9be2d03590e071d 08eb3f24f36d538f11bd6fa97ab72767f369c44d 96cfb196db175fd802227935d2e58a6c25b6783ac42adb85782bc986fe3fde82 Loading...

	www.18fire.com/wp-content/plugins/mega_main_menu/src/js/frontend.js?ver=2.2.0	15 kB	2023-03-07	2024-03-23
Pretty URL www.18fire.com/wp-content/plugins/mega_main_menu/src/js/frontend.js?ver=2.2.0 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:04:53 Last Seen2024-03-23 18:09:30 Times Seen83 Hash b6dff1628078e6bedbdde382d1759a60 da591e520ace1fe4999f3b8c866de027159d2bab 414ea84fc4529a749bf400e35a46bcc39cc0248aab5dc5e8026a06de1152bca8 Loading...

	www.18fire.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=4.3.6	14 kB	2023-03-08	2024-04-04
Pretty URL www.18fire.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=4.3.6 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:33:28 Last Seen2024-04-04 22:17:45 Times Seen34 Hash 965d6698dd7db4c5e33b71c57541624a 1ab6d4ee803e43b0577ff9248046158d7b62d923 67876d4862da669ebc0acea7a4ef12775978f0f180737e184843d7ab87012e96 Loading...

	www.18fire.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp	97 kB	2023-03-07	2024-05-10
Pretty URL www.18fire.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:38 Last Seen2024-05-10 10:26:28 Times Seen17929 Hash 49edccea2e7ba985cadc9ba0531cbed1 f8747f8ee704d9af31d0950015e01d3f9635b070 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df Loading...

	www.18fire.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0	16 kB	2023-03-07	2024-05-06
Pretty URL www.18fire.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:48 Last Seen2024-05-06 08:06:01 Times Seen1125 Hash abcac4975c248d31ee7f58af56e357a4 f9e3c45b908a633aa76d27804e183030fe311ae7 fdfbb661e5d5f32edf12ea356c0e6d457c96cc209d6601b310cc277bb950e8b6 Loading...

	www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf	135 B	2023-03-07	2024-05-10
Pretty URL www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:50 Last Seen2024-05-10 11:55:18 Times Seen26793 Hash 3f82b089cf163a5417b3edb4687151f7 28436f92ab540ff08b12fdefddc7da67ba0f04f7 5ba9af6f12e99663f8f04285ef3d4ffd4cdbca820bccbc2dda9c40f805b5a850 Loading...

	www.18fire.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=4.3.6	2.0 kB	2023-03-07	2024-05-08
Pretty URL www.18fire.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=4.3.6 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:50 Last Seen2024-05-08 08:20:19 Times Seen1442 Hash 72095aaafd6f6cf97cf0187d3de394ca fe5f864f22ad4a794466c349ba9472b6f1922cc6 946e3771efeabcf9a23d88089ce6ef6cb94531e36775004483fd8e237275dc29 Loading...

	www.18fire.com/wp-content/themes/monsta/js/theme-monsta.js?ver=20140826	40 kB	2023-03-08	2023-03-08
Pretty URL www.18fire.com/wp-content/themes/monsta/js/theme-monsta.js?ver=20140826 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:42:54 Last Seen2023-03-08 14:42:54 Times Seen1 Hash d8e233d42cc9583e096c6fdddac1a656 2030d6434f6a6bc4b85433b889d187e117488f99 9e01001a5221a97dac1fb21eccb500382a458b58b65a8f28e47c26926ef27458 Loading...

	www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf	2.1 kB	2023-03-08	2023-03-08
Pretty URL www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:42:54 Last Seen2023-03-08 14:42:54 Times Seen1 Hash 4b2969f899217be5bc236aefeaf114ee 983a951d243ca6bede36c15fdea92e00a920b8b5 0362271a2adeade92b7d12f51200a73e3e79278d74eba64969a56bbf0ce74019 Loading...

	www.18fire.com/wp-content/themes/monsta/js/chosen/chosen.proto.min.js?ver=1.3.0	28 kB	2023-03-07	2024-04-02
Pretty URL www.18fire.com/wp-content/themes/monsta/js/chosen/chosen.proto.min.js?ver=1.3.0 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:57:24 Last Seen2024-04-02 12:06:46 Times Seen39 Hash 93d1133ded89a8d03997a20dc220c2ae 5ae1665200c20aeeb2909c5f67ce6a7cdf2b8d41 dd1daaf98b481403b5a48b09b0ff6670ece1e8e77fdc2fab1cbc13174002a553 Loading...

	www.18fire.com/wp-content/themes/monsta/js/fancybox/helpers/jquery.fancybox-media.js?ver=1.0.6	5.3 kB	2023-03-07	2024-05-09
Pretty URL www.18fire.com/wp-content/themes/monsta/js/fancybox/helpers/jquery.fancybox-media.js?ver=1.0.6 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:45 Last Seen2024-05-09 21:20:10 Times Seen994 Hash c017067f48d97ec4a077ccdf056e6a2e 3bdf69ed2469e4fb57f5a95f17300eef891ff90d e53e650a83dbce1ab8d93c365299f2e8f5070c414c9ea302f2422ca65f5fdab4 Loading...

	www.18fire.com/wp-content/themes/monsta/js/variables.js?ver=20140826	1.9 kB	2023-03-08	2023-03-08
Pretty URL www.18fire.com/wp-content/themes/monsta/js/variables.js?ver=20140826 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:42:54 Last Seen2023-03-08 14:42:54 Times Seen1 Hash 3adfa656d7e9cc0653ae541b5525c871 389c731c23724bc1b66a52dbd56df0865bc22ae7 da5acedddc89c81c311df4e23e8bbad5f915f4d1f95deb4d7472cf6727abbe47 Loading...

	www.18fire.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.12	14 kB	2023-03-07	2024-05-09
Pretty URL www.18fire.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.12 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-05-09 15:01:18 Times Seen2911 Hash c8d5a4cd14632bc2bdf15b5e45ca9d4d cdf210b710c2792eda450a1a11e5dc1f8dae8594 956fa56f513e1a8025bc85f9314a1747eb061d434403393591145e4ae898c694 Loading...

	www.18fire.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1	10 kB	2023-03-07	2024-05-10
Pretty URL www.18fire.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-05-10 11:18:31 Times Seen37686 Hash 7121994eec5320fbe6586463bf9651c2 90532aff6d4121954254cdf04994d834f7ec169b 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Loading...

	www.18fire.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70	9.6 kB	2023-03-07	2024-05-10
Pretty URL www.18fire.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2024-05-10 06:57:12 Times Seen5020 Hash 81b2be18696c4dfe620f7b6d0d75a566 0c3cd7bdf58a65b07e17be39cfe4e386571bb4bd 120aaf6681ca6d34a40c559779f0a0038582a79fce1b868ff901c94d27c89c72 Loading...

	www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf	124 B	2023-03-07	2024-05-08
Pretty URL www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2024-05-08 21:50:35 Times Seen1870 Hash bac1516825f021e09b3030700974ae69 56554bb8f07d7105342b215b5e74c581fca4755f 0e93aa5f748928796ac89a237d4cb79f42ba9305d54f695c947daf58b0576b07 Loading...

	www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf	65 B	2023-03-08	2023-03-08
Pretty URL www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:42:54 Last Seen2023-03-08 14:42:54 Times Seen1 Hash b27f0d0dcf57ab1d719f126e2ada3e44 a7a9f69715533cf4e17a7fe731e13175fc813427 fe9128407ef2f8bf93c2c0ea0c06c5e9cc34e5d5ac9562047eea4ad4a8dd27f1 Loading...

	www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf	435 B	2023-03-07	2024-05-10
Pretty URL www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:50 Last Seen2024-05-10 07:53:33 Times Seen2599 Hash 6d3fb02f90526fa664994848db387966 c81a52e84890c563a53c76fa62f38eb27175dccf 14e5b45ae7259f0ae964f80435cdf3869ec8b673e1b70ce3737d5f62131bb468 Loading...

	www.18fire.com/wp-content/plugins/woocommerce-multiple-currencies/js/frontend-currency-controller.js?ver=5.4.12	3.7 kB	2023-03-08	2023-06-12
Pretty URL www.18fire.com/wp-content/plugins/woocommerce-multiple-currencies/js/frontend-currency-controller.js?ver=5.4.12 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:42:54 Last Seen2023-06-12 12:52:48 Times Seen6 Hash 319ce838a737ac65094433aad09dcbea c89066a8364aaeeb2a56417d57edebace5fad303 37052cbcfff159b23bace29d39290f82d3d798bb29406077c9e5ea9d7e253e3a Loading...

	www.18fire.com/wp-content/plugins/super-forms/assets/js/common.js?ver=4.9.512	348 kB	2023-03-08	2023-03-08
Pretty URL www.18fire.com/wp-content/plugins/super-forms/assets/js/common.js?ver=4.9.512 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:42:54 Last Seen2023-03-08 14:42:54 Times Seen1 Hash d744762b04301ee5cc2226f303eb13d1 a9d6cad6f9cf7db89c56abb415dba79ee08afc45 f6bc8fad2dc1e4195deed80f054a7c850fe7cb4afda2489a53ac9afe510ac381 Loading...

	www.18fire.com/wp-content/plugins/woocommerce/assets/js/select2/select2.full.min.js?ver=4.0.3	75 kB	2023-03-07	2024-05-09
Pretty URL www.18fire.com/wp-content/plugins/woocommerce/assets/js/select2/select2.full.min.js?ver=4.0.3 IP 119.18.58.80 ASN #394695 PUBLIC-DOMAIN-REGISTRY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:39:58 Last Seen2024-05-09 15:36:24 Times Seen660 Hash da607360bcc65284a197ada3d68d5439 a3cf7f0ff2baef254ce214b9bb042f01a7140a35 149b8bc61889897fb9420b347362582c8c89e62d28e1c720e8343ace08ad0986 Loading...

HTTP Transactions (134)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5556
Expires: Fri, 02 Dec 2022 19:15:48 GMT
Date: Fri, 02 Dec 2022 17:43:12 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3130
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 17:43:12 GMT
Last-Modified: Fri, 02 Dec 2022 16:51:02 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 17:18:12 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1500
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3540
Expires: Fri, 02 Dec 2022 18:42:12 GMT
Date: Fri, 02 Dec 2022 17:43:12 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: f7rSynDqOEjsW05PMGrJg/9vIuZ5w+oJ7o/AQbmW5LJ51ZtCButFmhysxjTNbhlvAN123/1B1jc=
x-amz-request-id: 3W5GXSD3GJ4XGSBH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 16:46:11 GMT
age: 3421
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 17:43:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 17:11:15 GMT
cache-control: public,max-age=3600
age: 1918
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3115
Cache-Control: max-age=144936
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 17:43:13 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 09:58:49 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf

119.18.58.80

301 Moved Permanently

0 B

URL HTTP/1.1
18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf HTTP/1.1
Host: 18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 17:43:13 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-transform, no-cache, no-store, must-revalidate
X-Redirect-By: WordPress
Set-Cookie: super_session=6800f9df86bfa957b2505647efa2480a%7C%7C1670004793%7C%7C1670004433; expires=Fri, 02-Dec-2022 18:13:13 GMT; Max-Age=1800; path=/
Upgrade: h2,h2c
Connection: Upgrade
Location: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Content-Length: 0
Content-Type: text/html; charset=UTF-8

push.services.mozilla.com/

44.240.159.184

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.240.159.184:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DQhdvTkdIlStEYavXBBhgg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: AZRH+d0VPyJbyEL0oU1RTK03YNI=

www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf

119.18.58.80

404 Not Found

24 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (22046), with CRLF, LF line terminators
Size
24 kB (24364 bytes)
Hash
062b619234c352b68570507368e6f8dc
add8fc83f7cbba754f25864c6e61e9dd669c0283
e85dd0be2cd145e768d0425f947f18f228b835c94027187270bf4a1cd0ceaaf8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 404 Not Found
Date: Fri, 02 Dec 2022 17:43:13 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-transform, no-cache, no-store, must-revalidate
Link: <https://www.18fire.com/wp-json/>; rel="https://api.w.org/"
Set-Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434; expires=Fri, 02-Dec-2022 18:13:14 GMT; Max-Age=1800; path=/
Upgrade: h2,h2c
Connection: Upgrade
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

www.18fire.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.12

119.18.58.80

200 OK

9.8 kB

URL HTTP/1.1
www.18fire.com/wp-includes/css/dist/block-library/style.min.css?ver=5.4.12
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (28088)
Size
9.8 kB (9824 bytes)
Hash
0f01185d6a397a0956dfb4cd6819b507
1ef2787c65358e6bd69e2805e91bf144c244675a
ecfcaaf80c077263b5516c938803306fb2958367f6a2c63fb413d9d82d1c37a0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=5.4.12 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:14 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Sun, 16 Oct 2022 08:11:44 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9824
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 17:43:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.18fire.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=3.0.11

119.18.58.80

200 OK

6.8 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=3.0.11
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (28823), with no line terminators
Size
6.8 kB (6750 bytes)
Hash
7695a77e72fe652e667af73f0ee15cf8
2ba72dc405caef0771622951db8f35540051ff96
11be45072c3ec7db4b826eecd9721244fefce8f861d0ad984a719b4e047d4913

HTTP Headers

GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=3.0.11 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:14 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Sun, 16 Oct 2022 08:11:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6750
Content-Type: text/css

www.18fire.com/wp-content/plugins/essential-grid/public/assets/css/settings.css?ver=2.3.3

119.18.58.80

200 OK

8.4 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/essential-grid/public/assets/css/settings.css?ver=2.3.3
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (33230), with no line terminators
Size
8.4 kB (8425 bytes)
Hash
26448e34aeb9208575e55af095e5727f
e122c4fbaf66085275630341afa59e6b25e1afd9
d28eb9983475f0ff8e399dc861719842ec2fa5eb6f99af96daf5bcd5e55182ad

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/essential-grid/public/assets/css/settings.css?ver=2.3.3 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:14 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Sun, 16 Oct 2022 08:11:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8425
Content-Type: text/css

www.18fire.com/wp-content/plugins/essential-grid/public/assets/font/fontello/css/fontello.css?ver=2.3.3

119.18.58.80

200 OK

2.4 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/essential-grid/public/assets/font/fontello/css/fontello.css?ver=2.3.3
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
Unicode text, UTF-8 text
Size
2.4 kB (2441 bytes)
Hash
c4793d4c5f37223118865b6a8b93d546
ac6045f732cd75b8218df26ee33bd099aa2fd3bb
c4d3046b4ee1e66a3363225cb0ffb5d7d4400c19f15d39d8b2f41c12555c5dc4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/essential-grid/public/assets/font/fontello/css/fontello.css?ver=2.3.3 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:14 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Sun, 16 Oct 2022 08:11:48 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2441
Content-Type: text/css

www.18fire.com/wp-content/plugins/woocommerce-multiple-currencies/css/frontend-currency-selector-menu.css?ver=5.4.12

119.18.58.80

200 OK

93 B

URL HTTP/1.1
www.18fire.com/wp-content/plugins/woocommerce-multiple-currencies/css/frontend-currency-selector-menu.css?ver=5.4.12
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with CRLF line terminators
Size
93 B (93 bytes)
Hash
ebcd0e3256a925ea1930a7189fcf3ee6
4031b7be9016f7904e5284be08737022a650ec1f
f3998ac55db1dcdce6b573ea5235ab2394ceba7fdb68fa97f6f908200a6b18d8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce-multiple-currencies/css/frontend-currency-selector-menu.css?ver=5.4.12 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:14 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:43 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 93
Content-Type: text/css

www.18fire.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.2.0

119.18.58.80

200 OK

62 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.2.0
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (65358)
Size
62 kB (61902 bytes)
Hash
5e46eb3642d17a64484757a732f199eb
6096e5c5f4df6f67845e0e05e687278fd3a46716
0fb52ae1db1343b3e1e91ddd40f8b1319d4e5e2069ec21f69f6bb9d222f0c27b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.2.0 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:14 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/css

www.18fire.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=4.3.6

119.18.58.80

200 OK

3.0 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=4.3.6
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
Unicode text, UTF-8 text, with very long lines (17637), with no line terminators
Size
3.0 kB (3015 bytes)
Hash
53a1d08c8b3c090a03c4964d2442e953
8dd89b4935451b550f5165d797dc5fd4a7bcacf9
4ba79f0ca1c9c6e0c8316e2d67e716324e3621c0f726d846f3e80f12e3e81cc9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=4.3.6 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:15 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3015
Content-Type: text/css

www.18fire.com/wp-content/plugins/size-chart-woocommerce/includes/css/ocscw_front_style.css?ver=1.0.0

119.18.58.80

200 OK

1.5 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/size-chart-woocommerce/includes/css/ocscw_front_style.css?ver=1.0.0
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with CRLF line terminators
Size
1.5 kB (1533 bytes)
Hash
8b557601d317afa26b34ea36ee89048a
72882afc0068368fdc357946c11e624904ffe0d3
4512fc894f46cddb95318eba1a42c39e77a3ecf8345e8f8c04a9e24d2cc1e015

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/size-chart-woocommerce/includes/css/ocscw_front_style.css?ver=1.0.0 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:15 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1533
Content-Type: text/css

www.18fire.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=4.3.6

119.18.58.80

200 OK

13 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=4.3.6
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
Unicode text, UTF-8 text, with very long lines (62497), with no line terminators
Size
13 kB (13158 bytes)
Hash
dda9c42b07dba0ced1180a9f22fc4419
d8c88f9a0a04a05d6b21c3d9f620cd55deb88da1
7c355372560a033ab7f68282ed07c2fa8a3d847fd82aaa83f0626c7a2a14d408

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=4.3.6 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:15 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:44 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13158
Content-Type: text/css

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19813
Expires: Fri, 02 Dec 2022 23:13:28 GMT
Date: Fri, 02 Dec 2022 17:43:15 GMT
Connection: keep-alive

www.18fire.com/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=5.4.12

119.18.58.80

200 OK

2.7 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=5.4.12
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (9152), with no line terminators
Size
2.7 kB (2665 bytes)
Hash
44022ff8f2e16434bd88d7fe67511731
8743e90bcb34740ba7e5645dd27dfb779921269e
37605c4f39ff0397d6a2ff8f6d5928a75552356d23d0f2212ffa5311e7843895

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=5.4.12 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Sun, 16 Oct 2022 08:11:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2665
Content-Type: text/css

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19813
Expires: Fri, 02 Dec 2022 23:13:28 GMT
Date: Fri, 02 Dec 2022 17:43:15 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6564 bytes)
Hash
58a28fc1cbcacdb07b3ca175281982b5
9bc47ee49fc070d0997e49a719bd9758685ad583
d3bfcf749c4652cb29f7c82a5d7ba940bd607f9060e49c1c40a112eb3e625bd9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6564
x-amzn-requestid: e2875cf3-3915-43a5-a724-4de2ca03de56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepHOiIAMFTFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-5f7e2a3f609d54a609a12670;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mwGAEu-gPXY5Opwd972VbBA6l33dNk7bPFSyZmciaplQKj2ZuTkQSg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 72508
etag: "9bc47ee49fc070d0997e49a719bd9758685ad583"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8863 bytes)
Hash
156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r_0F64VpyutAOJ9IcTWrs3Sv--fhKiwKsV1FW0fOMSRt1QLLPxvJzg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 10:51:17 GMT
age: 24718
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7732 bytes)
Hash
379a4a1b95d3aa3c5a4f8e7f9abb030f
d45dceb3dc58a07197aa5077582b5b1cd2ff791a
1b92dec5bf90beffbcd9060052b8788f08645dd4ba34219f7ddb2d40bbd2d151

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7732
x-amzn-requestid: 3781c2b7-082a-468a-a186-f7483494e749
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoEq3IAMFnKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-679fe9f905e07abf4e6a812c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FhCtGsjgnq83-zRNBH-y9BHUh2IRaN0ahO-BCUw7bTWU8jAanBqdlA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:53:35 GMT
age: 71380
etag: "d45dceb3dc58a07197aa5077582b5b1cd2ff791a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6174 bytes)
Hash
b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 06:00:48 GMT
age: 42147
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11402 bytes)
Hash
1c80b8025242ddfcc816ec612456b99e
aa944d10fe4a44b790b01ef62edc0f85a6d558e3
a9f060bc15738a3fe257e0c81a29e4611a89c273bcbb2765ce856d4e854a5f1f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11402
x-amzn-requestid: 20c2c359-1e43-40c0-885d-1c90e76ea12b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGzJHu-IAMFbYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e7a-1d89722e767daa014b174a39;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OJBnbjJB_kvPuJcePGnno3zI0CTWAzV-Osb2L1hPZZhlNYhFHWmLsA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:51:33 GMT
age: 71502
etag: "aa944d10fe4a44b790b01ef62edc0f85a6d558e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4803 bytes)
Hash
cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PIC-TIeTFK_Y2AiqowYT4_8tMuzIKO23lAwx18fYepTf4PIWkmLqkQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 05:20:15 GMT
age: 44580
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 17:43:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
496ee2fc0bbba2d212d93bc93a5d5f0a
fd383d8d544e75a53e1fc4150b33e5d006e979d4
d24ce227af3f474b1e78c8244ee31334bc28f8ef2a3271813f8427cb497ccbd3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D24CE227AF3F474B1E78C8244EE31334BC28F8EF2A3271813F8427CB497CCBD3"
Last-Modified: Fri, 02 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17642
Expires: Fri, 02 Dec 2022 22:37:17 GMT
Date: Fri, 02 Dec 2022 17:43:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
496ee2fc0bbba2d212d93bc93a5d5f0a
fd383d8d544e75a53e1fc4150b33e5d006e979d4
d24ce227af3f474b1e78c8244ee31334bc28f8ef2a3271813f8427cb497ccbd3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D24CE227AF3F474B1E78C8244EE31334BC28F8EF2A3271813F8427CB497CCBD3"
Last-Modified: Fri, 02 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17642
Expires: Fri, 02 Dec 2022 22:37:17 GMT
Date: Fri, 02 Dec 2022 17:43:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
496ee2fc0bbba2d212d93bc93a5d5f0a
fd383d8d544e75a53e1fc4150b33e5d006e979d4
d24ce227af3f474b1e78c8244ee31334bc28f8ef2a3271813f8427cb497ccbd3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D24CE227AF3F474B1E78C8244EE31334BC28F8EF2A3271813F8427CB497CCBD3"
Last-Modified: Fri, 02 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17642
Expires: Fri, 02 Dec 2022 22:37:17 GMT
Date: Fri, 02 Dec 2022 17:43:15 GMT
Connection: keep-alive

www.18fire.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.17

119.18.58.80

200 OK

17 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.17
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Size
17 kB (16800 bytes)
Hash
dd51edf690a16a5e067a25d8874e8489
10279f3155cb0eaffd55303ec459ef9a41ef0ddb
70eaa58b53a3269fab91ae897a3fc4f6d5ebc17171df2396159e1d3daeee1d40

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.17 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:15 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16800
Content-Type: text/css

www.18fire.com/wp-content/themes/monsta/js/slick/slick.css?ver=1.6.0

119.18.58.80

200 OK

477 B

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/js/slick/slick.css?ver=1.6.0
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (1292), with no line terminators
Size
477 B (477 bytes)
Hash
7a39089cba7eaa55bf48078e4f643511
f744ed9aacffc3b4708d59e36047e7a85ed22e8d
0ab50a68202bc9e7cc8e9b7efc23d6f5982cea33fc1da5bc5b7879748a2093ea

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/monsta/js/slick/slick.css?ver=1.6.0 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:15 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 477
Content-Type: text/css

www.18fire.com/wp-content/themes/monsta/js/chosen/chosen.min.css?ver=1.3.0

119.18.58.80

200 OK

3.2 kB

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/js/chosen/chosen.min.css?ver=1.3.0
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (10608)
Size
3.2 kB (3174 bytes)
Hash
c1e7ae9da797a1e374cd8213e055d51b
9ff4d49778133381aec838c7e6259a7f8388e268
c4d4668444cdcf20d294bbadcffce14704e084f267ec80bb2f08239af4ca08b9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/monsta/js/chosen/chosen.min.css?ver=1.3.0 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:15 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3174
Content-Type: text/css

www.18fire.com/wp-content/themes/monsta/js/fancybox/jquery.fancybox.css?ver=2.1.5

119.18.58.80

200 OK

1.7 kB

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/js/fancybox/jquery.fancybox.css?ver=2.1.5
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
1.7 kB (1656 bytes)
Hash
4f805e483d6ad9f49fc5b5fef33bd5a1
f8f38111cb54d86cc279aeb872ce4678e0bcc543
21c702649a01bb90bee0bd47453b5ab678608977d3522b11eab2d921d54a4ad6

HTTP Headers

GET /wp-content/themes/monsta/js/fancybox/jquery.fancybox.css?ver=2.1.5 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:15 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:50 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1656
Content-Type: text/css

www.18fire.com/wp-content/themes/monsta/js/fancybox/helpers/jquery.fancybox-buttons.css?ver=1.0.5

119.18.58.80

200 OK

794 B

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/js/fancybox/helpers/jquery.fancybox-buttons.css?ver=1.0.5
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
794 B (794 bytes)
Hash
897ec53ab4bd39d32db19c5fe92c6e22
9b852d85388734265172e12bf7053e517adcf628
640d1749f47ca0528d7e63f04ef31b0b14371c7da8d385408a4725059d5837c5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/monsta/js/fancybox/helpers/jquery.fancybox-buttons.css?ver=1.0.5 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:15 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:50 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 794
Content-Type: text/css

www.18fire.com/wp-content/themes/monsta/css/custom.css

119.18.58.80

200 OK

526 B

URL HTTP/2
www.18fire.com/wp-content/themes/monsta/css/custom.css
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (359)
Size
526 B (526 bytes)
Hash
7bd937f6d7762cd63e3956fb48c8c870
665899ee7238da1dd87a7c577cf5f00c3ae11169
ada2b66db0e0c8bff0ece0984edb8083e0269ff1d688d1ddcf871e14f86c85d4

HTTP Headers

GET /wp-content/themes/monsta/css/custom.css HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.18fire.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Sun, 16 Oct 2022 08:11:51 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 526
content-type: text/css
date: Fri, 02 Dec 2022 17:43:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.18fire.com/wp-content/themes/monsta/js/fancybox/helpers/jquery.fancybox-thumbs.css?ver=1.0.7

119.18.58.80

200 OK

303 B

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/js/fancybox/helpers/jquery.fancybox-thumbs.css?ver=1.0.7
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
303 B (303 bytes)
Hash
3260ac6239e307b11c6cc222bb8f0fb8
85df155cb527d1406002dd5e59b773b7e3185432
463b628150320f377b92ca36eafd12b8cca875e7a0512c6bb6847798f7273553

HTTP Headers

GET /wp-content/themes/monsta/js/fancybox/helpers/jquery.fancybox-thumbs.css?ver=1.0.7 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:15 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:50 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 303
Content-Type: text/css

www.18fire.com/wp-content/themes/monsta/style.css?ver=5.4.12

119.18.58.80

200 OK

5.4 kB

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/style.css?ver=5.4.12
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (490)
Size
5.4 kB (5440 bytes)
Hash
2d8fe41c683863ae5a63d11b398f1492
4b1df7f665521dd01ab0d5a3c5e77d52b06943cd
dbb5ee117d10d14fe46cad020ac1fd584526396bb16dd801676091d97e88ec71

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/monsta/style.css?ver=5.4.12 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:15 GMT
Server: Apache
Last-Modified: Tue, 18 Oct 2022 05:50:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5440
Content-Type: text/css

www.18fire.com/wp-content/themes/monsta/css/megamenu_style.css?ver=2.0.4

119.18.58.80

200 OK

16 kB

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/css/megamenu_style.css?ver=2.0.4
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (483)
Size
16 kB (15632 bytes)
Hash
100149769d33b7eee4f599d411b01a2d
5980c60c71197856b5c170dc57c4c2e0aa94d5e8
a6f41c5e25991920d663e97a525857e3c0d829e0c0ab5fdb8b5afb31bb7db543

HTTP Headers

GET /wp-content/themes/monsta/css/megamenu_style.css?ver=2.0.4 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:15 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 15632
Content-Type: text/css

www.18fire.com/wp-content/themes/monsta/css/font-awesome.min.css?ver=4.2.0

119.18.58.80

200 OK

5.5 kB

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/css/font-awesome.min.css?ver=4.2.0
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (23577)
Size
5.5 kB (5467 bytes)
Hash
c2e651f2d478ee2129c2e550f2b4c605
1b7dec88bc2df16884c5e5f071eca75ea4c498f9
e63cbdf9c15994fec30dcc67ff294020581806c9fee98487f99f966aaacd8adb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/monsta/css/font-awesome.min.css?ver=4.2.0 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:15 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5467
Content-Type: text/css

www.18fire.com/wp-content/themes/monsta/css/ionicons.css?ver=2.0.1

119.18.58.80

200 OK

9.0 kB

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/css/ionicons.css?ver=2.0.1
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
Unicode text, UTF-8 text, with very long lines (20244)
Size
9.0 kB (9026 bytes)
Hash
b6ad684f179a9028340f04ad9f791c9e
b7a0b312fd84fc049ff06f2cb6a3d5ddaa001698
2d96a6df45cffe0f42ecd03a3931d41b4fbb6697a00203b282d5bfef8e6d7981

HTTP Headers

GET /wp-content/themes/monsta/css/ionicons.css?ver=2.0.1 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:15 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9026
Content-Type: text/css

www.18fire.com/wp-content/uploads/2018/10/logo2.png

119.18.58.80

200 OK

2.5 kB

URL HTTP/2
www.18fire.com/wp-content/uploads/2018/10/logo2.png
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
PNG image data, 126 x 33, 8-bit/color RGBA, non-interlaced\012- data
Size
2.5 kB (2517 bytes)
Hash
936aa0fdaa1e9187f6dfcf6aedd395fd
a4c1b225e7f216ea3c465e6f74fc902d24703a45
c5bc6cbd17346dfd32efe590eb422c55208c1572aec14afd1ee991a97e31bb9c

HTTP Headers

GET /wp-content/uploads/2018/10/logo2.png HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.18fire.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 15 Oct 2022 17:20:51 GMT
accept-ranges: bytes
content-length: 2517
content-type: image/png
date: Fri, 02 Dec 2022 17:43:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.18fire.com/wp-content/uploads/2020/08/logo.jpg

119.18.58.80

200 OK

4.2 kB

URL HTTP/2
www.18fire.com/wp-content/uploads/2020/08/logo.jpg
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 172x75, components 3\012- data
Size
4.2 kB (4228 bytes)
Hash
bb811e7f113962a27f06bd32f0478da2
ba4fb9d1c320f179133ddcb7c32c9b439555a301
1ea1dc990a4315263beebc3579524c386597458be224e7689a40b2fa212ee839

HTTP Headers

GET /wp-content/uploads/2020/08/logo.jpg HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.18fire.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 15 Oct 2022 17:58:45 GMT
accept-ranges: bytes
content-length: 4228
content-type: image/jpeg
date: Fri, 02 Dec 2022 17:43:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.18fire.com/wp-content/uploads/2020/08/payment-cards.png

119.18.58.80

200 OK

12 kB

URL HTTP/2
www.18fire.com/wp-content/uploads/2020/08/payment-cards.png
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
PNG image data, 317 x 31, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12455 bytes)
Hash
98831a6687d9cd691669deb4bc94e308
2a53b752a0293ecd6d6ef674f8c5cff8d7dee9ee
1685cb1f6fc8af87fab49721710f672d06e0389a242f07c8a940e227ae7ee0cd

HTTP Headers

GET /wp-content/uploads/2020/08/payment-cards.png HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.18fire.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 15 Oct 2022 17:39:23 GMT
accept-ranges: bytes
content-length: 12455
content-type: image/png
date: Fri, 02 Dec 2022 17:43:15 GMT
server: Apache
X-Firefox-Spdy: h2

www.18fire.com/wp-content/themes/monsta/css/plaza-font.css?ver=1.0

119.18.58.80

200 OK

5.2 kB

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/css/plaza-font.css?ver=1.0
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
5.2 kB (5185 bytes)
Hash
f92a3d367ee5525929702a883ba890d2
e04056319253e83d5e9e2cae9c5f34612c0bd9c4
2dd40f8729b972450a56766fa0dc5702a18012b4e52bcd9c3c7952c5611a9968

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/monsta/css/plaza-font.css?ver=1.0 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:15 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:50 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5185
Content-Type: text/css

www.18fire.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.12

119.18.58.80

200 OK

4.9 kB

URL HTTP/1.1
www.18fire.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.12
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (10927)
Size
4.9 kB (4919 bytes)
Hash
74acb8925ccad5ae68a7de63ac2e206c
bca21566d30f26b484c9a6f188732fd3a0f33504
c722db5a63ae5ead61450512a948a7268580a57ba0d0296b7c151811aa91e77a

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=5.4.12 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Sun, 16 Oct 2022 08:11:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4919
Content-Type: application/javascript

www.18fire.com/wp-content/themes/monsta/css/animate.css?ver=5.4.12

119.18.58.80

200 OK

7.2 kB

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/css/animate.css?ver=5.4.12
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
7.2 kB (7166 bytes)
Hash
fc0fe8081b6eadbe2c87cbf00ab19743
9a1908dba4ae31712f9146f9b908fa9c76c26043
8b4dca93d954727319356ee46e64ae134df2cc603d75fea0cfd4ce26f7334dde

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/monsta/css/animate.css?ver=5.4.12 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:15 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:50 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7166
Content-Type: text/css

www.18fire.com/wp-content/themes/monsta/css/owl.carousel.css?ver=1.3.3

119.18.58.80

200 OK

1.5 kB

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/css/owl.carousel.css?ver=1.3.3
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
1.5 kB (1538 bytes)
Hash
9f4ba4c2dad01810037ffd3ec3d4f0ba
04a2144781ee99cfc70b82ca41d6bb0e2354fea2
a0f5915abf0a6fbcb54cf1c9a94dff8921af4cadcc47fa40869ef693e7124c93

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/monsta/css/owl.carousel.css?ver=1.3.3 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:16 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1538
Content-Type: text/css

www.18fire.com/wp-content/themes/monsta/css/stroke-gap-icons.css?ver=1.0.0

119.18.58.80

200 OK

64 kB

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/css/stroke-gap-icons.css?ver=1.0.0
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (60876)
Size
64 kB (63821 bytes)
Hash
f037065f35a0c474a3c7c82ebf1c29c1
d2ecccf0b2a8176b7f0a5d62c8291e843589cea7
524f31e65e3cd5e1bc1299707c6aae504b6f4c936b3344924dcfc29f7927b1f9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/monsta/css/stroke-gap-icons.css?ver=1.0.0 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:15 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:50 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/css

www.18fire.com/wp-content/plugins/woocommerce-multiple-currencies/css/vendor/flags/currency-flags.css?ver=5.4.12

119.18.58.80

200 OK

164 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/woocommerce-multiple-currencies/css/vendor/flags/currency-flags.css?ver=5.4.12
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (37593), with CRLF line terminators
Size
164 kB (163508 bytes)
Hash
31e6e5f465508e481f8cbd0234aada11
688b642acc66a8f754b651f14e5c5755530a5c2d
06a4af9876118976f6e942213034437b19e286d677bc1705422480c48ce8d3cf

HTTP Headers

GET /wp-content/plugins/woocommerce-multiple-currencies/css/vendor/flags/currency-flags.css?ver=5.4.12 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:14 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Sun, 16 Oct 2022 08:11:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/css

www.18fire.com/wp-content/themes/monsta/css/opt_css.css?ver=1.0.0

119.18.58.80

200 OK

0 B

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/css/opt_css.css?ver=1.0.0
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/monsta/css/opt_css.css?ver=1.0.0 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:16 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:50 GMT
Accept-Ranges: bytes
Content-Length: 0
Content-Type: text/css

www.18fire.com/wp-content/plugins/mega_main_menu/framework/src/css/icomoon.css?ver=2.2.0

119.18.58.80

200 OK

9.5 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/mega_main_menu/framework/src/css/icomoon.css?ver=2.2.0
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
9.5 kB (9503 bytes)
Hash
472df7bf5c40af88ad378fc8ec3a924f
f8da688141b7b5237c33d192c243a35db12b282a
75de5e4f1bb547a0f7709f67bbe09a8d7cf9350bc3afea54ac55f722abbc002a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/mega_main_menu/framework/src/css/icomoon.css?ver=2.2.0 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:16 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9503
Content-Type: text/css

www.18fire.com/wp-content/plugins/mega_main_menu/src/css/cache.skin.css?ver=5.4.12

119.18.58.80

200 OK

26 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/mega_main_menu/src/css/cache.skin.css?ver=5.4.12
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
26 kB (25704 bytes)
Hash
63e6ce91e982bb3db8800a933d5e550c
992548e887c98a428477d51c86377c7d71cd722f
385bc2fbba33ad5f924401ff511533fc1e9757900aa21d02160d364c4caacc82

HTTP Headers

GET /wp-content/plugins/mega_main_menu/src/css/cache.skin.css?ver=5.4.12 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:16 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:43 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/css

www.18fire.com/wp-content/uploads/js_composer/custom.css?ver=6.2.0

119.18.58.80

200 OK

253 B

URL HTTP/1.1
www.18fire.com/wp-content/uploads/js_composer/custom.css?ver=6.2.0
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with CRLF line terminators
Size
253 B (253 bytes)
Hash
643a039f8b7f908bdf3ab41743650a61
3ede0712e1e856f92cf83beee7af89bdb448d8d1
0093dafca771721714df2d519c812538f5684ec399b4a7eccfed35433fab77f2

HTTP Headers

GET /wp-content/uploads/js_composer/custom.css?ver=6.2.0 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:16 GMT
Server: Apache
Last-Modified: Sat, 15 Oct 2022 18:00:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 253
Content-Type: text/css

www.18fire.com/wp-content/themes/monsta/css/bootstrap.min.css?ver=3.2.0

119.18.58.80

200 OK

25 kB

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/css/bootstrap.min.css?ver=3.2.0
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (65371)
Size
25 kB (25265 bytes)
Hash
d60dadc572c992ab23ab105eae5d7b4c
4b2c15f271a0e653a74b4c02941e22384e71cff5
c2af3e5070e6d3f2124949db8a781e7be0d553e57371e9a7ba7cd072e9d92c6c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/monsta/css/bootstrap.min.css?ver=3.2.0 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:16 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:50 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/css

www.18fire.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

119.18.58.80

200 OK

4.4 kB

URL HTTP/1.1
www.18fire.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (9959)
Size
4.4 kB (4444 bytes)
Hash
1e40dfe689f1e989e1a3de2e3c6e26bf
4196eddc5203fd18f63e90065d777f757088ca2f
b40b1ef07db6e093ad2df064e8cb582906eb2448e1caacc2f5b721cd5d0e3cb4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:16 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:44 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4444
Content-Type: application/javascript

www.18fire.com/wp-content/plugins/woocommerce-multiple-currencies/js/frontend-currency-selector-menu.js?ver=5.4.12

119.18.58.80

200 OK

106 B

URL HTTP/1.1
www.18fire.com/wp-content/plugins/woocommerce-multiple-currencies/js/frontend-currency-selector-menu.js?ver=5.4.12
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with CRLF line terminators
Size
106 B (106 bytes)
Hash
210d78702398bc6ca73eaef22b6eabaf
d51fb22bb8a403db170655fa27a90bbbeda4d00d
c4b6ace2a28b4a42a16c378496fc93477540e533371a4976cacacd23329b638b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce-multiple-currencies/js/frontend-currency-selector-menu.js?ver=5.4.12 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:16 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:43 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 106
Content-Type: application/javascript

www.18fire.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.17

119.18.58.80

200 OK

55 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.17
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (41022), with CRLF line terminators
Size
55 kB (55035 bytes)
Hash
ea22a63a115112c3f278e1a3873eae92
a5acf5223509ded3f432c8b8cfa5f2d1c30e7e87
07f070f32ba73c9cd4a35f5d6d3f3ee55a94adf5483408b30ae44181991a2949

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.17 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:16 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:44 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript

www.18fire.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

119.18.58.80

200 OK

43 kB

URL HTTP/1.1
www.18fire.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (31997)
Size
43 kB (42766 bytes)
Hash
db3a0076514643ba73afd55e1a83d176
762702ae91e53968444bd2d9d743539d04c29642
a96be560ba0bbbf51a4d02e4a60f523e1470bfb6a2a72881a77bb8963a343842

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:16 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:43 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript

www.18fire.com/wp-content/plugins/size-chart-woocommerce/includes/js/ocscw_front_script.js?ver=1.0.0

119.18.58.80

200 OK

753 B

URL HTTP/1.1
www.18fire.com/wp-content/plugins/size-chart-woocommerce/includes/js/ocscw_front_script.js?ver=1.0.0
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with CRLF line terminators
Size
753 B (753 bytes)
Hash
36a0bc0248173ba5a61eb99b1498c6e7
c6c0987c7e737b9e9ded4d0de749b8c6ff7e00e7
ba8a4a5f123cce5308ada264d126684d35aff0d0a119508aeca61f1ca3642ac3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/size-chart-woocommerce/includes/js/ocscw_front_script.js?ver=1.0.0 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:16 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:43 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 753
Content-Type: application/javascript

www.18fire.com/wp-content/themes/monsta/js/TimeCircles.js?ver=1

119.18.58.80

200 OK

10 kB

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/js/TimeCircles.js?ver=1
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with CRLF line terminators
Size
10 kB (10034 bytes)
Hash
3a8b0187154c1ae0cd1a25515485c094
0490ea837c83ac86e85043c6f82c0ae1e45602c5
d4cf810386c3f4973d14fb8128e517f5fd03f90f43f95e0e38e388e45703cbe5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/monsta/js/TimeCircles.js?ver=1 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:17 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:50 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10034
Content-Type: application/javascript

www.18fire.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.17

119.18.58.80

200 OK

110 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.17
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (56545)
Size
110 kB (109941 bytes)
Hash
0fb1cb2f4a40e0d5c8021c3862e054bd
47bc61e0ed8d075d3cea9d3d2eecce2b03ae7c66
4da6136d64663594902d5fb29568b2057401f720464ea3aa84eceb4240215f30

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.17 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:16 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript

www.18fire.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=2.7.3

119.18.58.80

200 OK

32 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=2.7.3
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
32 kB (31894 bytes)
Hash
5a026c76b0c329fcadfe21f208b7b236
a5ae52573a9c7a791634d125ff3de4f4229ed191
ff5d3b6b7ddf2d1382310a1e8d664842b6220fb9837c3e316d3b6aba4432a8dc

HTTP Headers

GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=2.7.3 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:17 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/css

www.18fire.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0

119.18.58.80

200 OK

1.2 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
1.2 kB (1188 bytes)
Hash
5da7e83bf9b7b7ae6b9825977476994f
0f5b2e616159bff9bff65c979896717e4409b151
59955a52571b4419a3fe764c316900de6af0e259c654718e59efb2f43399ef63

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:17 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1188
Content-Type: text/css

www.18fire.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.min.css?ver=4.7.0

119.18.58.80

200 OK

7.1 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.min.css?ver=4.7.0
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (30837)
Size
7.1 kB (7114 bytes)
Hash
82a55032c4b614390aea6ef6870d3e90
bb21577feea531540a8d4f27ac3730ffac111e1b
4f068500ef9ef0dbffa5b76ac10f1970a7a9de8ff033f84228971a140eb20069

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:17 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7114
Content-Type: text/css

www.18fire.com/wp-content/plugins/woocommerce/assets/css/select2.css?ver=4.3.6

119.18.58.80

200 OK

3.2 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/woocommerce/assets/css/select2.css?ver=4.3.6
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (14938), with no line terminators
Size
3.2 kB (3177 bytes)
Hash
ddabe016be4ad540bcf6e461641b2043
53dbde685816860b3249ce82de68c0411a4dd0b5
58cb341aa006bee82b21d212cb10561647ae3216332599c185d4eaaafdd3fcfc

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/select2.css?ver=4.3.6 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:17 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3177
Content-Type: text/css

www.18fire.com/wp-content/plugins/woocommerce-multiple-currencies/css/frontend-currency-selector-inline-centered.css?ver=5.4.12

119.18.58.80

200 OK

311 B

URL HTTP/1.1
www.18fire.com/wp-content/plugins/woocommerce-multiple-currencies/css/frontend-currency-selector-inline-centered.css?ver=5.4.12
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with CRLF line terminators
Size
311 B (311 bytes)
Hash
1e8e24495a63610eb2299dd3f300632a
059f8ceae46d94ad167073f1873ebe9e762b550a
35f6ff2e0df111f10bfbba27a4d3ac2bac34486cd420c5ee0aeb26a065b002d9

HTTP Headers

GET /wp-content/plugins/woocommerce-multiple-currencies/css/frontend-currency-selector-inline-centered.css?ver=5.4.12 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:17 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:44 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 311
Content-Type: text/css

www.18fire.com/wp-content/plugins/super-forms/assets/css/fonts/css/all.min.css?ver=4.9.512

119.18.58.80

200 OK

12 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/super-forms/assets/css/fonts/css/all.min.css?ver=4.9.512
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (55951), with CRLF line terminators
Size
12 kB (12205 bytes)
Hash
7cafcd39778f18e76059b376e14472d9
4ee7ce67678abbbba6e4f74917c80c66d3788c85
6d8d4e2a79efa701904a3523b536c917ddf3ea00494812c2c9ea708afc0cbd03

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/super-forms/assets/css/fonts/css/all.min.css?ver=4.9.512 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:17 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:49 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12205
Content-Type: text/css

www.18fire.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0

119.18.58.80

200 OK

5.2 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (15658)
Size
5.2 kB (5202 bytes)
Hash
ae2c7094b509e7e01529c4ae9dcea000
809683693956d7f3c5907ddf6065ed8fc934b2a5
41289567ed6f914d3115357c5380a4e7c2e34aca37ccdd45f3ac930a5c66a172

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:17 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5202
Content-Type: application/javascript

www.18fire.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=3.0.11

119.18.58.80

200 OK

8.5 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=3.0.11
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
HTML document, ASCII text, with very long lines (22479), with no line terminators
Size
8.5 kB (8512 bytes)
Hash
eec6b958bfb10e1d7ac9a3c3f36629ef
4c6cb87fc6b438a5a6778df5a5434ed0909e9b4f
1721eb359e117e2615a4f08ea7d80b4739be41bf9c6b7761ab3cd8803df2db6c

HTTP Headers

GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=3.0.11 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:17 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8512
Content-Type: application/javascript

www.18fire.com/wp-content/themes/monsta/css/theme1.css?ver=1.0.0

119.18.58.80

200 OK

84 kB

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/css/theme1.css?ver=1.0.0
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
84 kB (84548 bytes)
Hash
adf7b89118642ea501fb9402acf965e7
359a3a6fc8615775fe42745631bfb8b33b4d4524
03c7df5c872391dadf21656ddfc8fde630c67d4e66a6ee2cf4e3c9292ab0c71d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/monsta/css/theme1.css?ver=1.0.0 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:16 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:50 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/css

www.18fire.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70

119.18.58.80

200 OK

4.0 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (9172)
Size
4.0 kB (4024 bytes)
Hash
1634848cac6bee67add01a21261fcde0
5a831f11c2aed128419ec5fe2bfdb91e04b770f5
bf7374b854854ed1a337f0c83f0d8ee44b2e2d09d2ed9669b6f04456cd93416c

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:17 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4024
Content-Type: application/javascript

www.18fire.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4

119.18.58.80

200 OK

994 B

URL HTTP/1.1
www.18fire.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (1680)
Size
994 B (994 bytes)
Hash
6288aae4bca8a1cf895fc741f6758bea
ae5a8bd6281e058852d8a93562196298556f53f5
1136e8c7449b0bfb5117fc8a0807125dc2e9b5afa45994af3a058a2a77d3e5d7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:17 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 994
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 17:43:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 17:43:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 17:43:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.18fire.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:41 GMT
expires: Tue, 28 Nov 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 341436
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 17:43:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

216.58.207.227

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 31320, version 1.0\012- data
Size
31 kB (31320 bytes)
Hash
3fe71527811fbfedd2c07962e1bc49e7
f63e158a0480c5d711b5e268db0e75e57d87a8a5
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.18fire.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:57:48 GMT
expires: Tue, 28 Nov 2023 18:57:48 GMT
cache-control: public, max-age=31536000
age: 341129
last-modified: Mon, 15 Aug 2022 18:11:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/rubik/v21/iJWbBXyIfDnIV7nEt3KSJbVDV49rz8u6FHU3f4I.woff2

216.58.207.227

200 OK

18 kB

URL HTTP/2
fonts.gstatic.com/s/rubik/v21/iJWbBXyIfDnIV7nEt3KSJbVDV49rz8u6FHU3f4I.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17636, version 1.0\012- data
Size
18 kB (17636 bytes)
Hash
0f614148551e063fe3b0502912286bf5
243cb71e2a5f6560de0f4cade6ebe90bb1fd6db6
97d40dd8afcd6961b83e2438698fe062e1c67dba181fb39803707ae4135534a3

HTTP Headers

GET /s/rubik/v21/iJWbBXyIfDnIV7nEt3KSJbVDV49rz8u6FHU3f4I.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.18fire.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17636
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 15:09:12 GMT
expires: Wed, 29 Nov 2023 15:09:12 GMT
cache-control: public, max-age=31536000
age: 268445
last-modified: Mon, 18 Jul 2022 19:13:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2

216.58.207.227

200 OK

34 kB

URL HTTP/2
fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 33580, version 1.0\012- data
Size
34 kB (33580 bytes)
Hash
848cd2ecd011428969dc6b90431bc482
6b1a7b562a56bd54510e0f6f95e26babca331a1b
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9

HTTP Headers

GET /s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.18fire.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 18:32:08 GMT
expires: Wed, 29 Nov 2023 18:32:08 GMT
cache-control: public, max-age=31536000
age: 256269
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 17:43:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.18fire.com/wp-content/plugins/super-forms/assets/css/frontend/elements.css?ver=4.9.512

119.18.58.80

200 OK

37 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/super-forms/assets/css/frontend/elements.css?ver=4.9.512
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (1981), with CRLF line terminators
Size
37 kB (36718 bytes)
Hash
5249a4ac74d209af898cf07e09509e0c
d79a9709ac042b00b275907d6242e1c1311e88e8
641b42d442f3e6280b661d537ddca144dcdc2d51d83fa89998539ff24d7ac7ae

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/super-forms/assets/css/frontend/elements.css?ver=4.9.512 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:17 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 17:43:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.18fire.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=4.3.6

119.18.58.80

200 OK

787 B

URL HTTP/1.1
www.18fire.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=4.3.6
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (2047), with no line terminators
Size
787 B (787 bytes)
Hash
884258c84e193dfdaf165675db960895
15af2bbf45f63111953ccdd6a9634a2a54ca4977
85d55c46325925ffc503522d5215aec0b71d8244b5fb55a50762f3e9fcbb8b4f

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=4.3.6 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:17 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 787
Content-Type: application/javascript

www.18fire.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=4.3.6

119.18.58.80

200 OK

1.1 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=4.3.6
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (2940), with no line terminators
Size
1.1 kB (1096 bytes)
Hash
7651ad27b3fd7dff417370d3899ff533
e138c5d9beff0d797671cd26e45a665f6e8e9bfa
d34f0f559a85e4aa7f14ec64aae390a98d495033f19e2c51008e1a1e264022bd

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=4.3.6 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:17 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1096
Content-Type: application/javascript

www.18fire.com/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6

119.18.58.80

200 OK

7.4 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (21592), with no line terminators
Size
7.4 kB (7372 bytes)
Hash
3abd56e5581e11e4dd5b18bb13324c2d
8a70e4bb310926197fb682649f647b30962bb376
f7dfa478e01da308d03a397c6bb21c8ea1a5bb56b5425819fb964b46a7636b11

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:17 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7372
Content-Type: application/javascript

www.18fire.com/wp-content/themes/monsta/js/bootstrap.min.js?ver=3.2.0

119.18.58.80

200 OK

12 kB

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/js/bootstrap.min.js?ver=3.2.0
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (31650)
Size
12 kB (12386 bytes)
Hash
6c9e8d8ef2b45f82e3148f4cf48e67a0
2f688aebe86d76121688c7002f3f917a48f81c84
34039564aeb188e8847b553ae429687cb1022be50a1e333c1f28140964acfa0c

HTTP Headers

GET /wp-content/themes/monsta/js/bootstrap.min.js?ver=3.2.0 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:17 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12386
Content-Type: application/javascript

www.18fire.com/wp-content/themes/monsta/js/slick/slick.min.js?ver=1.6.0

119.18.58.80

200 OK

14 kB

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/js/slick/slick.min.js?ver=1.6.0
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (32076)
Size
14 kB (14096 bytes)
Hash
6089654c2cdda263b23e7af02ce9af25
2ddcdfb5a759f83cc03ce3862742f815345de84f
c00aa1482aaf5aabc144c5b8859bb42476ff0d67cab68d7f895c9353ca8458a9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/monsta/js/slick/slick.min.js?ver=1.6.0 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:17 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:50 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14096
Content-Type: application/javascript

www.18fire.com/wp-content/themes/monsta/js/owl.carousel.min.js?ver=2.3.4

119.18.58.80

200 OK

16 kB

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/js/owl.carousel.min.js?ver=2.3.4
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (31997)
Size
16 kB (15883 bytes)
Hash
8a2ba9702fb3cca3c84924959fff383d
ec7e32b952d84e211870dd0e9f1520582e3b4270
ebcdf76e9e513c320785d95cbfa122a4aaa6143fc8ea69a2ea0dedf0277828b8

HTTP Headers

GET /wp-content/themes/monsta/js/owl.carousel.min.js?ver=2.3.4 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:18 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 15883
Content-Type: application/javascript

www.18fire.com/wp-content/themes/monsta/js/chosen/chosen.jquery.min.js?ver=1.3.0

119.18.58.80

200 OK

8.6 kB

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/js/chosen/chosen.jquery.min.js?ver=1.3.0
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (27363)
Size
8.6 kB (8614 bytes)
Hash
e1b54df1a48e371dfd0f5fcd823e0a0a
e5b3cadb7fa20ae3aae67e38fb7bd46fb12f1f82
6b965aa6ed7721e08f53d9ac111a8196bce27e131cf9c02d7c2401427576def6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/monsta/js/chosen/chosen.jquery.min.js?ver=1.3.0 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:18 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:50 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8614
Content-Type: application/javascript

www.18fire.com/wp-content/themes/monsta/js/chosen/chosen.proto.min.js?ver=1.3.0

119.18.58.80

200 OK

8.7 kB

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/js/chosen/chosen.proto.min.js?ver=1.3.0
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (27728)
Size
8.7 kB (8694 bytes)
Hash
d47d60ab629fe4cf27fa93166aecd5e0
1cad21f342a243543e695217f147864366ebbe34
a77ce630556b2cd3913a6915078ee662723a9e27d09d2b67d1bcc6813836bc4a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/monsta/js/chosen/chosen.proto.min.js?ver=1.3.0 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:18 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8694
Content-Type: application/javascript

www.18fire.com/wp-content/themes/monsta/js/fancybox/jquery.fancybox.pack.js?ver=2.1.5

119.18.58.80

200 OK

10 kB

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/js/fancybox/jquery.fancybox.pack.js?ver=2.1.5
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (645)
Size
10 kB (10428 bytes)
Hash
044b6bfd4fde3124f72eb20a984516ad
dcc4f52687b9d058c9a5e5268ee45e25575fd963
5430ab8c730223d31b9350d2735eb11b8fb9d5594d61dbe653957fa34a967131

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/monsta/js/fancybox/jquery.fancybox.pack.js?ver=2.1.5 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:18 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:50 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10428
Content-Type: application/javascript

www.18fire.com/wp-content/themes/monsta/js/fancybox/helpers/jquery.fancybox-buttons.js?ver=1.0.5

119.18.58.80

200 OK

1.1 kB

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/js/fancybox/helpers/jquery.fancybox-buttons.js?ver=1.0.5
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (411)
Size
1.1 kB (1131 bytes)
Hash
17edfb2d8dd16df2fdb197de5ab5b42d
e5ec488408aacf9d0befc1d8cb4ca98469d032f0
b0826e7213b1fdc9d9e2134c8a3cbd35e8ee238e484ef780b73ac40b320961d4

HTTP Headers

GET /wp-content/themes/monsta/js/fancybox/helpers/jquery.fancybox-buttons.js?ver=1.0.5 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:18 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:50 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1131
Content-Type: application/javascript

www.18fire.com/wp-content/themes/monsta/js/fancybox/helpers/jquery.fancybox-media.js?ver=1.0.6

119.18.58.80

200 OK

2.1 kB

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/js/fancybox/helpers/jquery.fancybox-media.js?ver=1.0.6
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
2.1 kB (2105 bytes)
Hash
733fa04ec3f525a0940cf3a8a6072c0f
4f701e75fa37845d24db9f57aa16c1581634e423
710ceebdffbdb3d0dc5e231b48548202c27c59b3cd2f1d8d27007256e8665b51

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/monsta/js/fancybox/helpers/jquery.fancybox-media.js?ver=1.0.6 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:18 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:50 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2105
Content-Type: application/javascript

www.18fire.com/wp-content/themes/monsta/js/fancybox/helpers/jquery.fancybox-thumbs.js?ver=1.0.7

119.18.58.80

200 OK

1.6 kB

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/js/fancybox/helpers/jquery.fancybox-thumbs.js?ver=1.0.7
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
1.6 kB (1597 bytes)
Hash
e497bd1fbd58567aa278bb22a365662a
d456ae9263de2664f5fd5d0ca5bb474876cc0d4a
e7b3833bc02f644f46f8c6221b8d6ece7e5971df0c2559106ceb36f6d18c567c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/monsta/js/fancybox/helpers/jquery.fancybox-thumbs.js?ver=1.0.7 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:18 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1597
Content-Type: application/javascript

www.18fire.com/wp-content/themes/monsta/js/modernizr.custom.min.js?ver=2.6.2

119.18.58.80

200 OK

1.6 kB

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/js/modernizr.custom.min.js?ver=2.6.2
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
HTML document, ASCII text, with very long lines (2861)
Size
1.6 kB (1554 bytes)
Hash
44212b4a62a712fabbd5ec14db528334
c2b080c72aaab97b01e79260d66443174ccc6248
169b5f2df49d048ee4ae00fc32a420d95e85af9fe8ae1abe28ba1f641a59d5eb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/monsta/js/modernizr.custom.min.js?ver=2.6.2 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:18 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1554
Content-Type: application/javascript

www.18fire.com/wp-content/themes/monsta/js/superfish/superfish.min.js?ver=1.3.15

119.18.58.80

200 OK

1.9 kB

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/js/superfish/superfish.min.js?ver=1.3.15
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (4065)
Size
1.9 kB (1886 bytes)
Hash
198b9e5aa410ef799ed7a022358d650a
82dc75c270160b13364ad5211a986324cee92793
9d08492121edb5d1bf7324fdecde57b77603c2549413c5febb80ef1a4accd5f1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/monsta/js/superfish/superfish.min.js?ver=1.3.15 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:18 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:50 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1886
Content-Type: application/javascript

www.18fire.com/wp-content/themes/monsta/js/jquery.shuffle.min.js?ver=3.0.0

119.18.58.80

200 OK

5.4 kB

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/js/jquery.shuffle.min.js?ver=3.0.0
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (12821)
Size
5.4 kB (5367 bytes)
Hash
405ab078a53aebef9ad48089a0c4b5c0
9cb6eead380f3ba36948864fb1cc64f8ade0f856
52067a40471076d1fe3113e13178079713201b2bc4e29bbae362c295d0c50fba

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/monsta/js/jquery.shuffle.min.js?ver=3.0.0 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:18 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:50 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5367
Content-Type: application/javascript

www.18fire.com/wp-content/themes/monsta/js/jquery.mousewheel.min.js?ver=3.1.12

119.18.58.80

200 OK

1.3 kB

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/js/jquery.mousewheel.min.js?ver=3.1.12
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (2609)
Size
1.3 kB (1302 bytes)
Hash
d3bd1152495ea7c4d5b7fc9738f0a97b
b726904a12be3d4b2aef31c667ad84b7049e89ab
7c6718425101fce7329a820514953b9b21a03ac82b92a41dcf29b6c9edfd9607

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/monsta/js/jquery.mousewheel.min.js?ver=3.1.12 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:18 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1302
Content-Type: application/javascript

www.18fire.com/wp-content/themes/monsta/js/jquery.countdown.min.js?ver=2.0.4

119.18.58.80

200 OK

2.2 kB

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/js/jquery.countdown.min.js?ver=2.0.4
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (3349)
Size
2.2 kB (2210 bytes)
Hash
42e67364ee63788a161ae83899996b1f
7361664dec8aaf1a7777884d9df5e0fb547f5391
eb1252c8708611696965fde51ef2d8d35f48ab2289af1dc555c682bd298db165

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/monsta/js/jquery.countdown.min.js?ver=2.0.4 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:18 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2210
Content-Type: application/javascript

www.18fire.com/wp-content/themes/monsta/js/jquery.counterup.min.js?ver=1.0

119.18.58.80

200 OK

575 B

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/js/jquery.counterup.min.js?ver=1.0
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (917)
Size
575 B (575 bytes)
Hash
13629919ef5b594af7d51b808528b57a
e7a8fca7cafd09f00ee3ac29d1082b623c0ebe00
eedd33bedcf87a1b5757ded24f4eb24a1f11188fb64ce71145872f43437d79bd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/monsta/js/jquery.counterup.min.js?ver=1.0 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:18 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:50 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 575
Content-Type: application/javascript

www.18fire.com/wp-content/themes/monsta/js/waypoints.min.js?ver=1.0

119.18.58.80

200 OK

3.1 kB

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/js/waypoints.min.js?ver=1.0
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (7808)
Size
3.1 kB (3128 bytes)
Hash
5ec6c0d6c720049d42dac350544dc9e6
0aef4ef2d827db22ea59fa29e4066c5782ffa921
ec3a9624c61a4cbe21a484ae2aec6322583010b3d5eaca597278fc02fd96f37c

HTTP Headers

GET /wp-content/themes/monsta/js/waypoints.min.js?ver=1.0 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:18 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3128
Content-Type: application/javascript

www.18fire.com/wp-content/themes/monsta/js/variables.js?ver=20140826

119.18.58.80

200 OK

449 B

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/js/variables.js?ver=20140826
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text
Size
449 B (449 bytes)
Hash
a95eb5eb96f9fdff0846d775ccf509df
fc1d5538b5b8f1920a21d8cfe906690b8b174e22
7635f648f606f3c47bb9c0b4b108e735d1902feba0c37706ae48104b3b81e3fb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/monsta/js/variables.js?ver=20140826 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:18 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 449
Content-Type: application/javascript

www.18fire.com/wp-content/themes/monsta/js/theme-monsta.js?ver=20140826

119.18.58.80

200 OK

12 kB

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/js/theme-monsta.js?ver=20140826
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (451)
Size
12 kB (11862 bytes)
Hash
9f277c4f88a3bd223b22b347843b2e14
98f7fb8f03f58db0ff166bc9efeb5a672b234a1e
4526c912308de84f15fe7f39640cf6e9684e194840f1935a0fdbd6e700168e87

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/monsta/js/theme-monsta.js?ver=20140826 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:18 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11862
Content-Type: application/javascript

www.18fire.com/wp-content/plugins/mega_main_menu/src/js/frontend.js?ver=2.2.0

119.18.58.80

200 OK

4.0 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/mega_main_menu/src/js/frontend.js?ver=2.2.0
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (367), with CRLF line terminators
Size
4.0 kB (3982 bytes)
Hash
452fe963202393f7bcdbb982aa43eda1
e9d3055c0b19e159fa4d75ce85fdbb56cfb349bf
4cdedc5dea1521c2b5ce546d1400b73da03a5e5ae507de49000bb634fa64656f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/mega_main_menu/src/js/frontend.js?ver=2.2.0 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:18 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:43 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3982
Content-Type: application/javascript

www.18fire.com/wp-includes/js/wp-embed.min.js?ver=5.4.12

119.18.58.80

200 OK

777 B

URL HTTP/1.1
www.18fire.com/wp-includes/js/wp-embed.min.js?ver=5.4.12
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (1391)
Size
777 B (777 bytes)
Hash
06ece4d01ee88297957c9f4cdcaa4df5
2b3321654a8ead1e1493eac9b5f1fdfb65e2037f
0b17eb6ab02e69f50ac52ca157375bd69853ae4f4796eb48a35eb4a12fc7af8b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-embed.min.js?ver=5.4.12 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:18 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:43 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 777
Content-Type: application/javascript

www.18fire.com/wp-includes/js/underscore.min.js?ver=1.8.3

119.18.58.80

200 OK

6.4 kB

URL HTTP/1.1
www.18fire.com/wp-includes/js/underscore.min.js?ver=1.8.3
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (16010)
Size
6.4 kB (6378 bytes)
Hash
96bea734708712077251c5329641f1c6
5a37dc74b5532c8905fd02a17771199e78d1d880
a1e8bb45168c7805dd39f1e2fdecda8f10e30132f9d935841c063281be341e4a

HTTP Headers

GET /wp-includes/js/underscore.min.js?ver=1.8.3 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:18 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6378
Content-Type: application/javascript

www.18fire.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=4.3.6

119.18.58.80

200 OK

4.5 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=4.3.6
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (13519), with no line terminators
Size
4.5 kB (4478 bytes)
Hash
a0fecc1acd7183257b27dab0b6c8a1f2
86a2df2bd1b3cdb4f41c0fc044358441df0c7e44
48442d96468acef73463f8d50034f446cb3d3df5c3fc8ffac7d281c91b45f352

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=4.3.6 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:18 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4478
Content-Type: application/javascript

www.18fire.com/wp-includes/js/wp-util.min.js?ver=5.4.12

119.18.58.80

200 OK

591 B

URL HTTP/1.1
www.18fire.com/wp-includes/js/wp-util.min.js?ver=5.4.12
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (1042)
Size
591 B (591 bytes)
Hash
9875c15a68630290d320fa21f40acca4
f63ea6aaa76e246fcf9b23a4dbf3a44511ecff8f
2e4ddc4e0ad92fafcb268e92cc465048f0696c548b313def8fc91eeae8e2293f

HTTP Headers

GET /wp-includes/js/wp-util.min.js?ver=5.4.12 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:18 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:43 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 591
Content-Type: application/javascript

www.18fire.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.2.0

119.18.58.80

200 OK

7.3 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.2.0
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (20378)
Size
7.3 kB (7279 bytes)
Hash
91b65cf0bd6608fbcf08d4852a3be992
08c5b6c535209e69fd1b35819ea5b037a68fddc1
4c3dd42b8dd99acefef76ddd18b290ab3f93a37875947e93a7a315fca91db3c2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.2.0 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:18 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7279
Content-Type: application/javascript

www.18fire.com/wp-content/plugins/woocommerce-multiple-currencies/js/frontend-currency-controller.js?ver=5.4.12

119.18.58.80

200 OK

1.4 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/woocommerce-multiple-currencies/js/frontend-currency-controller.js?ver=5.4.12
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with CRLF line terminators
Size
1.4 kB (1355 bytes)
Hash
0bc0a99d492430144c3ba8fd67668658
47e1a95283f26502fa05a6cf7391f7273d02fc82
1c757d573e772c21c57c84d33ae7f858b6c858539a300d6ebdc481db70b5df1a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce-multiple-currencies/js/frontend-currency-controller.js?ver=5.4.12 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:18 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1355
Content-Type: application/javascript

www.18fire.com/wp-content/plugins/super-forms/assets/js/frontend/elements.js?ver=4.9.512

119.18.58.80

200 OK

33 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/super-forms/assets/js/frontend/elements.js?ver=4.9.512
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with CRLF line terminators
Size
33 kB (33238 bytes)
Hash
850a50b4861a76e499e3d8a078fdec6b
84c7fdd82a4e05fcb4a473163d7ea7bf716dd584
474160773c65eee5e1e4c4457077903053b9fb56f86c60c4991e2e9398bb3562

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/super-forms/assets/js/frontend/elements.js?ver=4.9.512 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:19 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript

www.18fire.com/wp-content/plugins/super-forms/assets/js/frontend/common.js?ver=4.9.512

119.18.58.80

200 OK

515 B

URL HTTP/1.1
www.18fire.com/wp-content/plugins/super-forms/assets/js/frontend/common.js?ver=4.9.512
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with CRLF line terminators
Size
515 B (515 bytes)
Hash
07eed02d2f0bd526edc8ad041e3261ca
f9a58ef30ab1684f47dd71c013c0f728d65a091b
d3a2e4d1a2084d071e17dca6016ad9b5e597581799a388f4761ceba02228d33f

HTTP Headers

GET /wp-content/plugins/super-forms/assets/js/frontend/common.js?ver=4.9.512 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:19 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 515
Content-Type: application/javascript

www.18fire.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=4.3.6

119.18.58.80

200 OK

1.2 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=4.3.6
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
ASCII text, with very long lines (6758), with no line terminators
Size
1.2 kB (1171 bytes)
Hash
db3218984a8b4abfb2fcb8fbadf567af
6e1ecb91efbe89ccea24cb4c75693074d0615476
d8f42f621f6a96dff98788fbffa113beca74161e2890b1b84c30aa80bbb25dab

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=4.3.6 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:19 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1171
Content-Type: text/css

www.18fire.com/wp-content/plugins/woocommerce-multiple-currencies/img/loader.gif

119.18.58.80

200 OK

6.0 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/woocommerce-multiple-currencies/img/loader.gif
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
GIF image data, version 89a, 24 x 24\012- data
Size
6.0 kB (5974 bytes)
Hash
4903b9caf31125e98f27e792ca53b3d5
0d17b93375f8465fa949a8c8cf2be564ac3b27c2
ffddf9988876afc6f92559ea0c90cdce581ae510c9b37b323917cc2c53baefb4

HTTP Headers

GET /wp-content/plugins/woocommerce-multiple-currencies/img/loader.gif HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:19 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:44 GMT
Accept-Ranges: bytes
Content-Length: 5974
Content-Type: image/gif

www.18fire.com/wp-content/themes/monsta/fonts/fontawesome-webfont.woff2?v=4.3.0

119.18.58.80

200 OK

58 kB

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/fonts/fontawesome-webfont.woff2?v=4.3.0
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
gzip compressed data, max compression\012- data
Size
58 kB (57569 bytes)
Hash
1f2bcebdf2eea912ba250319c0c4d0f7
e21844ff7ea9d784be8691dc126276cc1c440567
6d1254f5ab0b7d7f29961de0268b8eda9d3e033f1fd17e4a41c27bace06c6921

HTTP Headers

GET /wp-content/themes/monsta/fonts/fontawesome-webfont.woff2?v=4.3.0 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/themes/monsta/css/font-awesome.min.css?ver=4.2.0
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:19 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:51 GMT
Accept-Ranges: bytes
Content-Length: 56780
Content-Type: font/woff2

www.18fire.com/wp-content/themes/monsta/fonts/ionicons.ttf?v=2.0.0

119.18.58.80

200 OK

188 kB

URL HTTP/1.1
www.18fire.com/wp-content/themes/monsta/fonts/ionicons.ttf?v=2.0.0
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
TrueType Font data, 15 tables, 1st "FFTM", 14 names, Macintosh\012- data
Size
188 kB (188508 bytes)
Hash
24712f6c47821394fba7942fbb52c3b2
1b0a0de084905946a20300ca8c354865dec46764
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/monsta/fonts/ionicons.ttf?v=2.0.0 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/themes/monsta/css/ionicons.css?ver=2.0.1
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:05 GMT
Server: nginx/1.17.6
Content-Type: font/ttf
Content-Length: 188508
Last-Modified: Sun, 16 Oct 2022 08:11:51 GMT
Accept-Ranges: bytes
X-Server-Cache: false

www.18fire.com/wp-content/plugins/yith-woocommerce-wishlist/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

119.18.58.80

200 OK

77 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/yith-woocommerce-wishlist/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /wp-content/plugins/yith-woocommerce-wishlist/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.min.css?ver=4.7.0
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:19 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:46 GMT
Accept-Ranges: bytes
Content-Length: 77160
Content-Type: font/woff2

www.18fire.com/wp-content/plugins/woocommerce/assets/js/select2/select2.full.min.js?ver=4.0.3

119.18.58.80

200 OK

28 kB

URL HTTP/1.1
www.18fire.com/wp-content/plugins/woocommerce/assets/js/select2/select2.full.min.js?ver=4.0.3
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
Unicode text, UTF-8 text, with very long lines (32091)
Size
28 kB (27549 bytes)
Hash
bed980cd950b8943b961888b97171cfa
11d47bfba0dcc985d008721412ebf9f514a794e5
e7dc94e8297eb49735d4d57590633c6c8486a98bfca57f3543f9913fe6f8ce4f

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/select2/select2.full.min.js?ver=4.0.3 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:18 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript

ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

142.250.74.170

200 OK

5.4 kB

URL HTTP/1.1
ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2134)
Size
5.4 kB (5437 bytes)
Hash
30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b

HTTP Headers

GET /ajax/libs/webfont/1.6.26/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 5437
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 26 Nov 2022 07:46:38 GMT
Expires: Sun, 26 Nov 2023 07:46:38 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 554202
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8

fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800,300italic,400italic,600italic,700italic,800italic

142.250.74.106

200 OK

1.1 kB

URL HTTP/1.1
fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800,300italic,400italic,600italic,700italic,800italic
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
1.1 kB (1054 bytes)
Hash
7d5978eb65ebf46f535000aeb7b83d11
d64c84281e4ca0605a4f4cc201edd15c2328a7f7
fffe03db40fdc7db46668277add134eb4886f80caa9faf08b9ca8360908e3ebd

HTTP Headers

GET /css?family=Open+Sans:300,400,600,700,800,300italic,400italic,600italic,700italic,800italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 02 Dec 2022 17:43:20 GMT
Date: Fri, 02 Dec 2022 17:43:20 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

45 kB

URL HTTP/1.1
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.18fire.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 44856
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 28 Nov 2022 19:26:02 GMT
Expires: Tue, 28 Nov 2023 19:26:02 GMT
Cache-Control: public, max-age=31536000
Age: 339438
Last-Modified: Mon, 15 Aug 2022 18:20:18 GMT
Content-Type: font/woff2

fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

216.58.207.227

200 OK

48 kB

URL HTTP/1.1
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Size
48 kB (47952 bytes)
Hash
17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd

HTTP Headers

GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.18fire.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 47952
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 29 Nov 2022 01:16:09 GMT
Expires: Wed, 29 Nov 2023 01:16:09 GMT
Cache-Control: public, max-age=31536000
Age: 318431
Last-Modified: Mon, 15 Aug 2022 18:22:41 GMT
Content-Type: font/woff2

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

216.58.207.227

200 OK

31 kB

URL HTTP/1.1
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 31320, version 1.0\012- data
Size
31 kB (31320 bytes)
Hash
3fe71527811fbfedd2c07962e1bc49e7
f63e158a0480c5d711b5e268db0e75e57d87a8a5
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.18fire.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 31320
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 01 Dec 2022 16:50:22 GMT
Expires: Fri, 01 Dec 2023 16:50:22 GMT
Cache-Control: public, max-age=31536000
Age: 89578
Last-Modified: Mon, 15 Aug 2022 18:11:37 GMT
Content-Type: font/woff2

www.18fire.com/wp-content/uploads/2020/08/favicon.jpg

119.18.58.80

200 OK

6.0 kB

URL HTTP/2
www.18fire.com/wp-content/uploads/2020/08/favicon.jpg
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 90x70, components 3\012- data
Size
6.0 kB (5989 bytes)
Hash
388c8ddc8d8802d1eecbc83e3c9f51ca
542efc4a3e2458c2db3d723cf0d90bf116f8658c
9721db313ba6a6fde846ab548f6f2f2a34bab7fddd0b722c5d9b75208d275b35

HTTP Headers

GET /wp-content/uploads/2020/08/favicon.jpg HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.18fire.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Sat, 15 Oct 2022 18:00:51 GMT
accept-ranges: bytes
content-length: 5989
content-type: image/jpeg
date: Fri, 02 Dec 2022 17:43:20 GMT
server: Apache
X-Firefox-Spdy: h2

www.18fire.com/?wc-ajax=get_refreshed_fragments

119.18.58.80

200 OK

382 B

URL HTTP/1.1
www.18fire.com/?wc-ajax=get_refreshed_fragments
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JSON data\012- HTML document, ASCII text, with very long lines (1033), with no line terminators
Size
382 B (382 bytes)
Hash
8fe05364c97d2cc0b8c69220af4017fd
58e5c0ddfaa590856c520d876bd560ef12355ff1
d90178cb718d8e7371f0436ba8bf225e6ed5bfd0c720a3e24a5d2e0277d3664c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: http://www.18fire.com
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:20 GMT
Server: Apache
Access-Control-Allow-Origin: http://www.18fire.com
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-transform, no-cache, no-store, must-revalidate
X-Robots-Tag: noindex
Set-Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434; expires=Fri, 02-Dec-2022 18:13:14 GMT; Max-Age=1794; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 382
Content-Type: application/json; charset=UTF-8

www.18fire.com/?wc-ajax=get_refreshed_fragments

119.18.58.80

200 OK

382 B

URL HTTP/1.1
www.18fire.com/?wc-ajax=get_refreshed_fragments
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type
JSON data\012- HTML document, ASCII text, with very long lines (1033), with no line terminators
Size
382 B (382 bytes)
Hash
8fe05364c97d2cc0b8c69220af4017fd
58e5c0ddfaa590856c520d876bd560ef12355ff1
d90178cb718d8e7371f0436ba8bf225e6ed5bfd0c720a3e24a5d2e0277d3664c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: http://www.18fire.com
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:20 GMT
Server: Apache
Access-Control-Allow-Origin: http://www.18fire.com
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-transform, no-cache, no-store, must-revalidate
X-Robots-Tag: noindex
Set-Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434; expires=Fri, 02-Dec-2022 18:13:14 GMT; Max-Age=1794; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 382
Content-Type: application/json; charset=UTF-8

fonts.googleapis.com/css?family=Rubik%3A700italic%2C300%2C400%2C500%2C700&subset=latin%2Clatin-ext

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Rubik%3A700italic%2C300%2C400%2C500%2C700&subset=latin%2Clatin-ext
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Rubik%3A700italic%2C300%2C400%2C500%2C700&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.18fire.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 17:43:14 GMT
date: Fri, 02 Dec 2022 17:43:14 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.18fire.com/wp-content/plugins/super-forms/assets/js/common.js?ver=4.9.512

119.18.58.80

200 OK

0 B

URL HTTP/1.1
www.18fire.com/wp-content/plugins/super-forms/assets/js/common.js?ver=4.9.512
IP
119.18.58.80:0
ASN
#394695 PUBLIC-DOMAIN-REGISTRY

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/super-forms/assets/js/common.js?ver=4.9.512 HTTP/1.1
Host: www.18fire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.18fire.com/wp-content/plugins/super-forms/uploads/php/files/ff962218c24d6c75f156acceadbf843d/lipivezokexixivo.pdf
Cookie: super_session=35d904c0a0c089a60a766b89e8a1c3c9%7C%7C1670004794%7C%7C1670004434

HTTP/1.1 200 OK
Date: Fri, 02 Dec 2022 17:43:19 GMT
Server: Apache
Last-Modified: Sun, 16 Oct 2022 08:11:45 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (63)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations