Report - beerfestthegoodone.f2f.org/mst/?OgmqcGXCnkEuhDGNWIayooJSWYiEjveXf//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////

Report Overview

Visited public
2023-12-08 13:44:07
Tags
URL
beerfestthegoodone.f2f.org/mst/?OgmqcGXCnkEuhDGNWIayooJSWYiEjveXf//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
Finishing URL
f2f.org/
IP / ASN
209.182.204.177
#54641 IMH-IAD
Title
Face to Face | ending HIV in Sonoma County|Sonoma County AIDS Network

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

192

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
beerfestthegoodone.f2f.org	unknown	1998-03-09	2019-11-08 04:19:44	2023-12-08 06:43:18	1.8 kB	987 B	209.182.204.177
f2f.org	unknown	1998-03-09	2015-07-01 09:44:45	2023-12-08 10:53:47	45 kB	2.0 MB	209.182.204.177
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-08 07:46:22	6.1 kB	324 kB	216.58.207.227
acsbapp.com	5220	2020-08-08	2020-08-14 07:49:08	2023-12-07 17:39:57	413 B	92 kB	104.22.0.204
aus5.mozilla.org	2548	1998-01-24	2015-10-27 08:06:24	2023-12-08 05:09:05	523 B	6.5 kB	35.244.181.201
ciscobinary.openh264.org	40822	2013-10-19	2014-10-07 07:43:56	2023-12-08 05:09:07	305 B	512 kB	62.115.252.115
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-08 05:47:56	426 B	82 kB	142.250.74.168
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-08 07:43:19	1.4 kB	20 kB	216.58.211.10
pixel.wp.com	2545	1997-03-28	2017-01-30 06:31:40	2023-12-07 05:09:58	504 B	239 B	192.0.76.3
moderate9-v4.cleantalk.org	unknown	2012-09-28	2023-05-24 21:52:34	2023-12-07 23:53:53	468 B	362 B	51.81.55.251
stats.wp.com	2711	1997-03-28	2017-01-30 06:06:59	2023-12-08 05:16:46	406 B	5.3 kB	192.0.76.3
cdn.acsbapp.com	5589	2020-08-08	2020-08-16 08:12:24	2023-12-08 10:40:37	443 B	1.1 kB	104.22.1.204

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed
2023-12-08	medium	f2f.org	Sinkholed

ThreatFox

No alerts detected

Files detected

URL
ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
IP
62.115.252.115
ASN
#1299 Telia Company AB

File type
Zip archive data, at least v2.0 to extract, compression method=deflate\012- data
Size
512 kB (511815 bytes)
Hash
152eda253e242e18443ef3282495bc7c
ff0fa85565f21ec4931baad4573b4c0bd08c4019
8e03090fee16f6e0ee2e436af8e51d0c3deed6d9f0db80dec048e668fc009a48

JavaScript (84)

	URL	From	Size	First Seen	Last Seen
	f2f.org/wp-content/plugins/ultimate-woocommerce-auction-pro/includes/clock/js/jquery.countdown-multi-lang.js?ver=2.3.7	ScriptElement	1.1 kB	2023-03-10	2025-01-17
Pretty URL f2f.org/wp-content/plugins/ultimate-woocommerce-auction-pro/includes/clock/js/jquery.countdown-multi-lang.js?ver=2.3.7 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 08:38 Last Seen2025-01-17 11:12 Times Seen15 Hash 7fa84f574a778b8e23c003df5149541d 6777551fafd7655159cb38bc1f359adfa2548e8d f9646cd658fd339ab9a3fa9bc01e2072e64a96c9a95c140ded0efc04f384a823 Loading...

	f2f.org/	ScriptElement	1.6 kB	2023-11-08	2025-05-09
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-08 18:08 Last Seen2025-05-09 18:05 Times Seen1942 Hash 7efdec5af83468c8cba1c2265598f781 65042a9b49062b474b953896c63c46d9fcf304b5 a53456e3dd0cff98dd8a325241191863451cdacca4f0716fa2e2cd581121cd86 Loading...

	unknown	EventHandler	38 B	2023-04-10	2025-05-11
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 16:02 Last Seen2025-05-11 15:03 Times Seen23568 Hash 43e28c5553d54ed2964bd5147521769b 0a2b8c3db330a47aa7b9195e6dfdf944adb9240d d63026c985dc46aeb316574b7bf1828080c906238e35d5e34cb80414c0e70d23 Loading...

	f2f.org/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0	ScriptElement	115 kB	2023-11-03	2025-05-10
Pretty URL f2f.org/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26 Last Seen2025-05-10 18:00 Times Seen9665 Hash 9a98016751e498c06d434cc022ca1a44 6aa9af5fe436eab9c313de9f0bea072c04637624 da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8 Loading...

	f2f.org/	ScriptElement	47 B	2023-03-07	2025-05-11
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 12:15 Times Seen6893 Hash 2f518cfc8223c53c44094f57eacc972f a919f586352875054a0a7f438c3e3d33cb5768b3 1d89df5c4aeb93c45e67d479e74ca02e5a104d7e421e4f2415e4a204c9816b0b Loading...

	f2f.org/	ScriptElement	400 B	2024-08-20	2024-08-20
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:22 Last Seen2024-08-20 16:22 Times Seen3 Hash 3a773ef383339a478a631e6935e1f674 422b87f3f3bfb1911e113b4e8a0694fc4e94bb07 bbe06ba0e97bb2474048aef67f9502c2b1649f091afac1e763155bf13b4bc204 Loading...

	f2f.org/wp-content/plugins/woocommerce-multilingual/res/js/cart_widget.min.js?ver=5.3.1	ScriptElement	1.0 kB	2023-11-30	2025-05-10
Pretty URL f2f.org/wp-content/plugins/woocommerce-multilingual/res/js/cart_widget.min.js?ver=5.3.1 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 17:21 Last Seen2025-05-10 15:42 Times Seen346 Hash a196fc442165c7871d8623233601b2d5 1d11da022dd608f770abf6ec67fbd02da0b87b6e 15bd939a375fb864cb4355c057b6e11ff95c4ead66b210362e41a50c4eea8c47 Loading...

	f2f.org/	ScriptElement	1.2 kB	2024-08-20	2024-08-20
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:22 Last Seen2024-08-20 16:22 Times Seen3 Hash 58a0a32285a387a6561b703207492482 b9c671c018c01281a1ee64d122416c6e1c0fe0cd c6af214071f6c3580942265c8f307a1e7c2379741e7238872c321a45f0a6a125 Loading...

	f2f.org/	ScriptElement	739 B	2023-03-07	2025-05-11
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:07 Last Seen2025-05-11 12:15 Times Seen4632 Hash ff682bd8e00a4c2b202a4d37f7ba3cdd 4b92aa9fb8a9cf79c352ece5cba00b2f281de332 d1576e7c5bb5b36cc04888b220fb672165073615b2423b76b51074334d616555 Loading...

	f2f.org/	ScriptElement	6.0 kB	2023-12-07	2024-08-20
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-07 20:24 Last Seen2024-08-20 16:26 Times Seen9 Hash 42e907458adcb9ebd1798a1063671b4e c5a84dd840e6cb454ebe0f33ee56ba901bbdf20f 49d0455533b5a39a1d810864bd850a733ad3fb3a34ab7eeaf2b7cbd42c1d4454 Loading...

	f2f.org/wp-content/themes/Divi/js/scripts.min.js?ver=4.23.1	ScriptElement	274 kB	2023-10-20	2025-05-05
Pretty URL f2f.org/wp-content/themes/Divi/js/scripts.min.js?ver=4.23.1 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-20 06:01 Last Seen2025-05-05 16:35 Times Seen956 Hash 96896ebc5293989884f6cd4eb7188d73 bd3ec97f84961c97b895d00e5d9e060fde0ebf5f 033a80c98752135ba755fa9b3733169b45c7a56f4bf60b619228ed990258dc81 Loading...

	f2f.org/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef	ScriptElement	9.4 kB	2023-08-08	2025-05-09
Pretty URL f2f.org/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-08 23:25 Last Seen2025-05-09 13:52 Times Seen13725 Hash c2c4e2a562e06e1cb22293a5b920aca6 a7b5a369ac4883f1ee7fa701b238d20238b675ca 698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f Loading...

	unknown	ScriptElement	76 B	2023-03-07	2025-05-06
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09 Last Seen2025-05-06 14:16 Times Seen47 Hash 618efe0f5d5ba7a28845bfa2bd83a7b2 107fbfebbb996499759dd4cf2f22b4677bb28537 c88d9cabfb7fc5acda1af1c54f18acd05875e2d19bd6708f0111535eda9b273a Loading...

	f2f.org/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.8.3.1	ScriptElement	9.6 kB	2023-08-09	2025-05-11
Pretty URL f2f.org/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.8.3.1 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-09 05:33 Last Seen2025-05-11 14:03 Times Seen16259 Hash ef56117d1bb5cc41aa6bd127a49c7640 b9c2ed774177fc0fceba5cb58113024b23fe4fb7 d151f8c0b2659cfb63704d68654ad8d9437ae9da4410536f63ddec21689a0620 Loading...

	f2f.org/wp-content/plugins/gravityforms/assets/js/dist/vendor-theme.min.js?ver=4ef53fe41c14a48b294541d9fc37387e	ScriptElement	17 kB	2023-05-07	2025-05-10
Pretty URL f2f.org/wp-content/plugins/gravityforms/assets/js/dist/vendor-theme.min.js?ver=4ef53fe41c14a48b294541d9fc37387e IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-07 19:54 Last Seen2025-05-10 04:21 Times Seen1289 Hash 4ef53fe41c14a48b294541d9fc37387e b40c361471225c030e272f10b8d32307b5878223 cc039b37e34853a9bef9d693ebc4366b38d9cec1aa91e0109196cd62f870ae52 Loading...

	f2f.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1	ScriptElement	14 kB	2023-05-09	2025-05-11
Pretty URL f2f.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-09 19:21 Last Seen2025-05-11 14:30 Times Seen106219 Hash 9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Loading...

	f2f.org/	ScriptElement	206 B	2023-11-07	2025-05-11
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-07 23:57 Last Seen2025-05-11 12:15 Times Seen3602 Hash c41deaf84d1c74db489ee38837b25689 f4d1c111722f85c8a9f0faa06a7b2ac2a913fa17 ae799f59cd8fbe0017c3c8f659373021b7cf53d9f87b9e16ce738a4d9138cff9 Loading...

	www.googletagmanager.com/gtag/js?id=G-3KDK0TQSYW	ScriptElement	229 kB	2023-12-08	2023-12-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-3KDK0TQSYW IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 14:44 Last Seen2023-12-08 14:44 Times Seen1 Hash d6fc3ec804afda379ab80b9dd235b597 da70156428bcf0976b089ad5ea33a208e0a63790 514c15804f338f7d7a10ba2547c5cbaea8b84b4ae3465df66e4c49df84f0510c Loading...

	f2f.org/	ScriptElement	133 B	2023-05-25	2024-08-20
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-25 10:31 Last Seen2024-08-20 16:26 Times Seen9 Hash 7904f1750a6a8090a9434e91fbebbac9 618a5481492609b440fdd15a5d9af618edc9eae4 7cbb78a45b10e1919e424ff1ba31a4f7572d87c8d0c4d66c8ae089f1fd0337e4 Loading...

	f2f.org/	ScriptElement	351 B	2023-12-07	2024-08-20
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-07 20:24 Last Seen2024-08-20 16:26 Times Seen9 Hash 543bffb58af19432c53076a9a45ab7d4 938e8bc657fafc2dda167742480814d8ea281e5f cb922b90be58224e30e0bff571e397600054d0907cf68c71f2e2f464cda54e09 Loading...

	f2f.org/	ScriptElement	105 B	2023-05-25	2024-08-20
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-25 10:31 Last Seen2024-08-20 16:26 Times Seen9 Hash 88eaec672abd72db5ab6dd812ad6a65d cf5fd2537f6003264d3d558d393c51b1281b012a 908a6931e5cc2c9e1b7706ba89d776927a846cdef9c5fec6d97ea6a10fb4653e Loading...

	f2f.org/	ScriptElement	262 B	2023-05-25	2024-08-20
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-25 10:31 Last Seen2024-08-20 16:26 Times Seen9 Hash cdb30b5e098eb447b786896cf3c06ce6 b8c89d3efb9faa779c938b93240e294b754fb7e2 d6461d5bd16d0c5b889e0691d48a9db09d2d42614294352129a964344122d675 Loading...

	f2f.org/	ScriptElement	135 B	2023-03-07	2025-05-11
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 14:31 Times Seen29339 Hash 3f82b089cf163a5417b3edb4687151f7 28436f92ab540ff08b12fdefddc7da67ba0f04f7 5ba9af6f12e99663f8f04285ef3d4ffd4cdbca820bccbc2dda9c40f805b5a850 Loading...

	f2f.org/	ScriptElement	816 B	2024-08-20	2024-08-20
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:22 Last Seen2024-08-20 16:22 Times Seen3 Hash 87b4b681bfd6afc65ba10d7297aff19f 6987ad8ed7382d682a895329a006148055e3a6d7 53ac3e472f42eee39f62641ee840a0307c8c5760b1fad9e84c70bd770c3d940f Loading...

	f2f.org/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.23.1	ScriptElement	9.3 kB	2023-03-07	2025-05-10
Pretty URL f2f.org/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.23.1 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42 Last Seen2025-05-10 21:24 Times Seen1270 Hash 00346ced8d8b5c664b826381bdcd7c48 1cb0ab506f3892db432c81ab6982fe6837004d23 5aa24e4ab926693e29ffb0d0ca1557141defd3ca61b3b4e7caebaa2fcd5bf327 Loading...

	f2f.org/	ScriptElement	376 B	2023-05-25	2024-08-20
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-25 10:31 Last Seen2024-08-20 16:26 Times Seen10 Hash 7d42cbfcaaf36e6dd014c406fa5593d1 5dc7c7afd2bc689960757db9f6afe2284f29fb2e 1abfd00d89a9f66f03df347a34a0c8068aefbdedd1250ca0014592007953a851 Loading...

	f2f.org/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/magnific-popup.js?ver=4.23.1	ScriptElement	23 kB	2023-03-07	2025-05-10
Pretty URL f2f.org/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/magnific-popup.js?ver=4.23.1 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04 Last Seen2025-05-10 09:27 Times Seen575 Hash b709961dd29d261ee0ce8fb17101874a 9a286eaaa964091528b256c81bb446c7072b7e19 0a47c6e6f24e634cb79f886e70bbfd65e1e85b0d2aa4fc133488fd1bc1910e3e Loading...

	unknown	EventHandler	11 B	2023-04-10	2025-05-11
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 16:02 Last Seen2025-05-11 12:15 Times Seen1775 Hash 55502d99942870d6241f351d1f2d737b e102e477fdd0f9474800a94b5df1fccbe6e02428 ba21d0e962fd67149deb3819bec5eb166d86ff32839869ab1d7ece80611d3254 Loading...

	f2f.org/	ScriptElement	1.7 kB	2023-12-08	2024-08-20
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-08 11:46 Last Seen2024-08-20 16:22 Times Seen5 Hash 48cdfd4ae022c44dcb6c79bfe2f72573 23a1366c5ce487e35f14e2ec72433d27f6efd524 b30bae0e97844f325751a43186ddc1beb131e43f23e3c89f2629f9e43dd0f983 Loading...

	unknown	EventHandler	39 B	2023-04-11	2025-05-11
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-11 03:58 Last Seen2025-05-11 12:15 Times Seen3278 Hash 87b659c90b81604997dd06a67e8b773e bc13329ca575a3e32c93e0e1cf791f47f91b0c2f 1ac445488ebead2ed0b74a9c86ad76fa1a81f363806218afb2ae4aae5f127448 Loading...

	f2f.org/	ScriptElement	1.6 kB	2023-11-08	2025-04-22
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-08 18:08 Last Seen2025-04-22 20:54 Times Seen89 Hash fdb32162c195ef7f8d6bc40c260e619f dd20aa9ea690640a5dac38693c21f765b0271a39 347d798763f0a0b7e817cb2a9985d7230513fe6a68135bff13bf52cfa6318630 Loading...

	f2f.org/	ScriptElement	31 kB	2023-05-25	2024-08-20
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-25 10:31 Last Seen2024-08-20 16:26 Times Seen9 Hash 6c485fe0c96c79c1d2b2e2118296b4d8 7fd742d0e49c919d95b369935cbb8f20cec3b858 5ddd37197e327bd570614af27d6a1ba19679a7fc4b3f87f198b31f8a21e2ee52 Loading...

	f2f.org/	ScriptElement	5 B	2023-03-07	2025-05-06
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:09 Last Seen2025-05-06 14:41 Times Seen182 Hash fe1f6492572d993e79f8dad09ea6051c eed8a2b3e0a28262309b5f75ae4cba3cd3eb3132 82e98be6a02f16ded7b88c1fcc2f3da25f554909075c6bffc85e984e8bc0768d Loading...

	f2f.org/	ScriptElement	133 B	2023-05-25	2024-08-20
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-25 10:31 Last Seen2024-08-20 16:26 Times Seen9 Hash d6b27e60ec3fc03cc2f5a07db9af6202 291a2ba94da0b16a971da32ae722a5a91e16181a 2ba6b843ec0ce9f2374b6cffbbb971a5fbca03fb69fbfa3fec06e83a310a0ca7 Loading...

	f2f.org/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.8.0	ScriptElement	4.6 kB	2023-03-07	2025-05-11
Pretty URL f2f.org/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.8.0 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 11:47 Times Seen3905 Hash a39e45502bab7e9e26723e6ab243e8f8 ac62aacd5ee3e7b64ce6a92b5d8e3fb523e34d16 d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060 Loading...

	f2f.org/	ScriptElement	348 B	2024-08-20	2024-08-20
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:22 Last Seen2024-08-20 16:22 Times Seen3 Hash 832bd4d7d0d7f8ad701435994d51d521 afa7cf987d16d628c525530393000c0d1497621f 79a14d74e87cad93b3c7e047acc0ba59a998c69c8192dfd069dc2a3eba2f09e1 Loading...

	f2f.org/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=8.3.1	ScriptElement	2.1 kB	2023-08-09	2025-05-11
Pretty URL f2f.org/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=8.3.1 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-09 05:33 Last Seen2025-05-11 14:03 Times Seen8030 Hash 6d3b3d63df025e97f370c5efab2c96da 78c0c8e7504f9314b2e9fd714bbab530af52f2af 8c0b5e384ae00c512f4bb1ba5e2fe622fab4bfc541c99555df38c19c329d3fe6 Loading...

	f2f.org/	ScriptElement	2.2 kB	2023-12-07	2024-08-20
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-07 20:24 Last Seen2024-08-20 16:26 Times Seen9 Hash 5b05b7846bd047b2754c4c433cbe21f2 405e6574c470fde463cc29f41368ee7b3b1ee8a1 df6e9783e246d7b081b43528623199a333c11482fa2a7bbbbcdb2538972756f1 Loading...

	f2f.org/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1	ScriptElement	4.6 kB	2023-08-08	2025-05-09
Pretty URL f2f.org/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-08 23:25 Last Seen2025-05-09 13:52 Times Seen14833 Hash 7bd48eb3bd568033e96caf0fb62e6690 b38066999294b99d92d95db5f38bc15707eb1f22 7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596 Loading...

	f2f.org/	ScriptElement	1.2 kB	2023-03-09	2025-04-02
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 21:09 Last Seen2025-04-02 23:02 Times Seen50 Hash d0c695e5e83e0574238037a2ac0243b8 4ca43ca1d7ed8f7cc8b9c5d91fd4e7e743b72b78 6a33d01c6417d768b24a6ee02224d4bb86bea7c83f16cf6aa1d413b1bb11338c Loading...

	f2f.org/wp-content/uploads/wtfdivi/en/wp_footer.js?ver=1665143222	ScriptElement	212 B	2023-05-25	2023-12-09
Pretty URL f2f.org/wp-content/uploads/wtfdivi/en/wp_footer.js?ver=1665143222 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-25 10:31 Last Seen2023-12-09 01:09 Times Seen9 Hash b412c53dbbab889d81d1e68c69334553 cd8dca3410f17ad3d8ea35a3f3019cc2bddfddcb b3858758ae51540bcabdcab5c2350c2fce2772880cf4504d5e1b00943fd4ce04 Loading...

	f2f.org/	ScriptElement	433 B	2023-03-08	2025-04-01
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 05:13 Last Seen2025-04-01 21:25 Times Seen82 Hash 278ab671b79501589b5bd24258c13fa7 2cf6cf4013891dac845d8500775020c432670083 8a3595c2020844daa93f3f810bc22a8176c5af06814dc88b619095c6cee8182e Loading...

	f2f.org/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=8.3.1	ScriptElement	3.0 kB	2023-08-09	2025-05-11
Pretty URL f2f.org/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=8.3.1 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-09 05:33 Last Seen2025-05-11 14:03 Times Seen5671 Hash ac7eef7756c1ad7d9df33edae9f60e5d fb334d6bdf233b1c0b3a3658c0763e5916eda4b0 92b4feff9bb6c863075d35cd38d989cc254f99489f574338def1949904027d42 Loading...

	f2f.org/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.8.3.1	ScriptElement	1.8 kB	2023-08-09	2025-05-11
Pretty URL f2f.org/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.8.3.1 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-09 05:33 Last Seen2025-05-11 14:03 Times Seen6793 Hash 53e07784d8fab2f50b99ff9868124992 d8739feb2845a3fa4a8c085aeabc4eb0e6945590 1533d5bc82424a9a3ac37a7fe543925909d25715d16938b9e02c728c86fd86e8 Loading...

	f2f.org/	ScriptElement	259 B	2023-05-25	2025-01-16
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-25 10:31 Last Seen2025-01-16 08:35 Times Seen52 Hash d6bd623da8a3714f809153a2fc800d4c 14afb91cc299c1511169d3fac022a3e6072adc56 5bf9d505e0e04f0a50529f5991c0a9fa31bc154da31bc5392bfa4eba754d6fb3 Loading...

	acsbapp.com/apps/app/dist/js/app.js	ScriptElement	299 kB	2023-12-06	2024-08-20
Pretty URL acsbapp.com/apps/app/dist/js/app.js IP 104.22.0.204 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 18:16 Last Seen2024-08-20 16:34 Times Seen71 Hash af6db79cc261f9ddde2ea78a3341d0c7 2114cda4d52e40b92e36371d8d965dc5ef9cf7cc 82adc81ec49abb103a2d123062623d6663f4132e9d4402ba868b1a53c64a74c4 Loading...

	f2f.org/	ScriptElement	145 B	2023-03-07	2025-05-10
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 22:43 Times Seen3432 Hash 09c7a3dbfcd65973e5cbdb48c5460c07 086b7a4ac6632ec06f2f0e68f4ff3fcfc9a1c71c d81a9dc0c33559bfacc014a5216f454c40183312addc9623d3da987650cd56f3 Loading...

	f2f.org/	ScriptElement	2.0 kB	2023-12-07	2024-08-20
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-07 20:24 Last Seen2024-08-20 16:26 Times Seen9 Hash ae60b54871f95d7608a81a02686b42f4 95192c43352446ae0fd37e563aecc7954577c310 faa69d54f27aa74192f68058176e12cd2fb9f49ac76feb7f2a374a49fc6c9127 Loading...

	f2f.org/wp-content/plugins/dg-blog-module/scripts/lib/fitvids.js?ver=1.0.11	ScriptElement	1.8 kB	2023-03-07	2025-05-10
Pretty URL f2f.org/wp-content/plugins/dg-blog-module/scripts/lib/fitvids.js?ver=1.0.11 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11 Last Seen2025-05-10 20:57 Times Seen1446 Hash 882a4f6998e5d6878f6f53f15008e525 2f73282313194a5ea50186b3d94842b47f941274 233cb2b905dec5df68df039e52e26980f674880fee51a8f6b7f75486760f1f3e Loading...

	f2f.org/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=38972e89150019b73122a99561a42155	ScriptElement	1.2 kB	2023-03-07	2025-05-11
Pretty URL f2f.org/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=38972e89150019b73122a99561a42155 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06 Last Seen2025-05-11 09:58 Times Seen6977 Hash 51300497928562f8c86c7aaba99237cd e5826832b85c6afc6502b74cbb8ac5394b04c363 6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f Loading...

	f2f.org/	ScriptElement	1.4 kB	2023-03-07	2025-05-10
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:10 Last Seen2025-05-10 22:43 Times Seen2144 Hash baa52dd43e0e29340348ae52a88fdcfd a85cd8502fafa4fb5cb0786c1ab1e6c0c957093e 49117ca60d8aeb4aa478d3541e09db31ce6fe2608ff7f96e9409239390e6b1bc Loading...

	f2f.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1	ScriptElement	88 kB	2023-11-03	2025-05-11
Pretty URL f2f.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26 Last Seen2025-05-11 14:30 Times Seen92590 Hash 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Loading...

	f2f.org/	ScriptElement	152 B	2023-03-07	2025-05-11
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 14:31 Times Seen25336 Hash b8c40bf7c92768058d743847cccdb147 4fbbbcb2dda4d05e2e58bf43330c559b4165fc0b 7872ff233c7b2bfa962f491d0575e71f0b0b487bc63899ff4c72c7c9d5197688 Loading...

	f2f.org/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=38972e89150019b73122a99561a42155	ScriptElement	1.1 kB	2023-03-29	2025-05-11
Pretty URL f2f.org/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=38972e89150019b73122a99561a42155 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:52 Last Seen2025-05-11 09:58 Times Seen6196 Hash 8a5c9689ae636c452b6808740ba04136 8d2c85d7779d00c12aeb6b55a99443952d9a144e 79cb399203843f65199bec32bc4abac5dfd20f141d3e4ec1424bf00c7108fa45 Loading...

	f2f.org/	ScriptElement	95 B	2023-03-07	2025-04-15
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 14:36 Last Seen2025-04-15 19:03 Times Seen19 Hash d4de60e4294acd70d9ee404e7ce2df99 84f81a820dafb85f324c00b1ffb2af8eb01e1470 987106a638cc928de0337103e4ea5a8714c93d40e3180ea5de6471fe66476c1e Loading...

	f2f.org/	ScriptElement	1.6 kB	2024-08-20	2024-08-20
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:22 Last Seen2024-08-20 16:22 Times Seen3 Hash c62a43d520d1216d8b635ee4b5ae06f8 dc68280593d2d53c704fb9ba654963bb22bf4507 dbff6e9742be5d95afaa885b773a3c8291dd1eadd0454145412c9a8cf638969c Loading...

	f2f.org/	ScriptElement	85 B	2023-03-07	2025-05-07
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:04 Last Seen2025-05-07 11:35 Times Seen472 Hash ffd7213af410914aa94b69c14a9515a5 06f390b471f918bdce35c3d60b633c81c674f033 2b2e4c86ca4da9eac25c15aaed65de5428d4c30b8d308a38e1870d28498c2b18 Loading...

	f2f.org/	ScriptElement	94 B	2023-11-08	2025-05-11
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-08 00:42 Last Seen2025-05-11 14:41 Times Seen17248 Hash 02d7d8402b7ddb8e6fe47f2a35071e8d 174b5a8fe0ecdfa989fbf40f3ecd51f1d0117693 8a96c1a0a8b1c2a8eab8adfa21634b7f2c4226f6bc5322df1ab7efc4f1f1af7f Loading...

	f2f.org/	ScriptElement	240 B	2023-12-08	2024-08-20
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-08 11:46 Last Seen2024-08-20 16:22 Times Seen5 Hash a4fc90a9637ec370080bbde31fc89ce1 b0375127cd2806e40bfb32646e3679bf72632055 6ae290386cc6aa654add6d923a23b64babe65a7b9e70e958aafe6c1b548a18c9 Loading...

	f2f.org/wp-content/plugins/ultimate-woocommerce-auction-pro/includes//clock/js/uwa-front.js?ver=2.3.7	ScriptElement	39 kB	2023-12-07	2023-12-09
Pretty URL f2f.org/wp-content/plugins/ultimate-woocommerce-auction-pro/includes//clock/js/uwa-front.js?ver=2.3.7 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-07 20:24 Last Seen2023-12-09 01:09 Times Seen9 Hash 9f247dddf2ba35183028dc0e601cdabb 4e955c1050ec82b5d4f878075ec4052d3d7594c5 a5608fbc3339b3c4b9ab156765b2cae08d6b8bf96b9dbfd0cee6d95b1f4ad5f1 Loading...

	f2f.org/wp-content/plugins/dg-blog-module/scripts/frontend-bundle.min.js?ver=1.0.11	ScriptElement	7.2 kB	2023-03-07	2025-04-17
Pretty URL f2f.org/wp-content/plugins/dg-blog-module/scripts/frontend-bundle.min.js?ver=1.0.11 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:00 Last Seen2025-04-17 00:12 Times Seen34 Hash 0e9facb331a1356188cdc9d4dc330c55 f3c941d73a75dfddaae6939dadd7bf2891f6069e b47b1dcab4c001e054fbcc7e2c731f43475fed0028e845705db9c4011ae574e0 Loading...

	f2f.org/wp-content/plugins/gravityforms/assets/js/dist/scripts-theme.min.js?ver=f4d12a887a23a8c5755fd2b956bc8fcf	ScriptElement	4.1 kB	2023-07-29	2025-05-10
Pretty URL f2f.org/wp-content/plugins/gravityforms/assets/js/dist/scripts-theme.min.js?ver=f4d12a887a23a8c5755fd2b956bc8fcf IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-29 20:00 Last Seen2025-05-10 04:21 Times Seen1167 Hash f4d12a887a23a8c5755fd2b956bc8fcf 7a929ecc2397a7ba38793560a7f0f3ddb8faf93d a894dbb6e181fc9a70bf4453dc3571e0b5a0b068356310b3139abd081cb80d24 Loading...

	f2f.org/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0	ScriptElement	6.6 kB	2023-11-03	2025-05-10
Pretty URL f2f.org/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26 Last Seen2025-05-10 18:00 Times Seen16994 Hash fd7ef2e4737acd74fd0dcdc3b515e304 0d792b33f12a48ee8aaaf2560a63a5682470645b 1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c Loading...

	f2f.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.22.0	ScriptElement	12 kB	2023-11-14	2025-05-11
Pretty URL f2f.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.22.0 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-14 00:53 Last Seen2025-05-11 07:53 Times Seen2550 Hash 9593c634b81c031342cbe0fa03903d47 dd68ee9d73731b22fb7252f66be8bea5d17227c7 d7bdba02afa8c04c13f280c71a50f8c8186c883711c5dabbd13566dd738bff0a Loading...

	f2f.org/	ScriptElement	2.4 kB	2023-11-08	2025-05-11
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-08 16:17 Last Seen2025-05-11 09:58 Times Seen2645 Hash b70ec48a942f3cb847e06d854e7363fe e86072794d4c42f2bd26becf5b2946c11870ac86 1d99463c0f1a923272e8bb15555c52626cb7a84e872d852b33ed296d6f1d03d3 Loading...

	f2f.org/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.8.0	ScriptElement	47 kB	2023-12-08	2025-04-30
Pretty URL f2f.org/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.8.0 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 11:46 Last Seen2025-04-30 19:10 Times Seen115 Hash 3f645770cbbde4006ea1c09181dc243b 6275eca80774b42d1403c5e44dc787a04f391cd9 8e935b015b64f2374711c6f983fcedde254decd920171b934ead8ef5c410b68d Loading...

	f2f.org/wp-content/plugins/ultimate-woocommerce-auction-pro/includes/clock/js/jquery.countdown.min.js?ver=2.3.7	ScriptElement	14 kB	2023-03-08	2025-01-17
Pretty URL f2f.org/wp-content/plugins/ultimate-woocommerce-auction-pro/includes/clock/js/jquery.countdown.min.js?ver=2.3.7 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:55 Last Seen2025-01-17 11:12 Times Seen20 Hash b7b9d30f7852dd6984b93bdaa2a693ef 7ff3563b51fe7fa9560261d457823b0245181277 d0a6856f02d4ccf0252b4be170ded1f7ec76896785adad9f942384874b7248e2 Loading...

	f2f.org/	ScriptElement	227 B	2023-03-29	2025-05-11
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-29 22:52 Last Seen2025-05-11 09:58 Times Seen5459 Hash 37edbd87e0e3bd955e857e5708a84396 6cd340e477e928eb887bc1e106f8d5226830d2f4 f488626562fab24ee5469e697239245694de3716797188f2dc4c72463a32f9ab Loading...

	f2f.org/wp-content/plugins/wp-and-divi-icons/js/icons.min.js?ver=2.0.1	ScriptElement	10 kB	2023-05-21	2024-08-20
Pretty URL f2f.org/wp-content/plugins/wp-and-divi-icons/js/icons.min.js?ver=2.0.1 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-21 12:39 Last Seen2024-08-20 16:26 Times Seen12 Hash 2e3ca67be061048ff5306daaf1b4df6a 59b3d492e573a10c75da7911d5b9bfd8d5a708ec 509d8892a15324bb2591008f8cd287f8686141cc11f51f9406cea0deb58e4c15 Loading...

	f2f.org/wp-content/plugins/cleantalk-spam-protect/js/apbct-public-bundle.min.js?ver=6.23	ScriptElement	66 kB	2023-12-08	2025-01-08
Pretty URL f2f.org/wp-content/plugins/cleantalk-spam-protect/js/apbct-public-bundle.min.js?ver=6.23 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-08 11:46 Last Seen2025-01-08 05:38 Times Seen28 Hash 5ccbfccff223d63ea24af182907633f6 b9b71b1668d3cda8eafd26d24f53bd031f5ce257 6405f71eeec22776f3e6dc8c0e2dcc8f023716c2e976e113c60eb7c7b6304a62 Loading...

	f2f.org/	ScriptElement	243 B	2023-05-25	2024-08-20
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-25 10:31 Last Seen2024-08-20 16:26 Times Seen9 Hash d9ddd9ffec757cda40e5d40afc227f1a b3015abb6ed4ace98b87ee54a5a91419f5450450 235aa8ddb7b1b090e717edcfa42e1b5fac354e125c71d86bef7f6b56128b15aa Loading...

	f2f.org/	ScriptElement	379 B	2023-12-07	2024-08-20
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-07 20:24 Last Seen2024-08-20 16:26 Times Seen9 Hash 59bf1af17500f9c8412d33a53c26ce39 08dd4f3f5e54d2993a7db13dfff6924a3bb5a8e7 0645a9cfe44b70c169a91cd36161d2c6e3e54b217e9f92a11d2c9ffba0b4d840 Loading...

	f2f.org/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca	ScriptElement	498 B	2023-03-07	2025-05-07
Pretty URL f2f.org/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06 Last Seen2025-05-07 14:22 Times Seen5018 Hash b0b80b0256874e70acdc820b52bbf1aa 9aace9a7989736bf535d65f229d0c10e9acea41b 166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0 Loading...

	f2f.org/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2	ScriptElement	8.2 kB	2023-03-13	2025-05-11
Pretty URL f2f.org/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 14:32 Last Seen2025-05-11 14:31 Times Seen29753 Hash dda652db133fddb9b80a05c6d1b5c540 60c8514c57a5db2980c4b046b0dd479bd427357b c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4 Loading...

	stats.wp.com/w.js?ver=202349	ScriptElement	11 kB	2023-11-01	2024-09-19
Pretty URL stats.wp.com/w.js?ver=202349 IP 192.0.76.3 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-01 16:09 Last Seen2024-09-19 21:06 Times Seen961 Hash 1ac0848d5bceb8555feaf98f8fb860cb 117dcc305a16fbf0f0ef2d173c3c52adfa816047 585d4af3a08847a4604f8796b4841ebf7eaec7211606cc954f88dc9f27c72b28 Loading...

	f2f.org/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.23.1	ScriptElement	8.6 kB	2023-03-07	2025-05-10
Pretty URL f2f.org/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.23.1 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26 Last Seen2025-05-10 21:24 Times Seen1239 Hash bf7fe805ab945e4b2c4d56da59476811 307135fd2987f477c7bd50fcd0cc28a1cff1f568 b6205029e1016596807b655c8f57818736a787e32ceb1407effa152ac3bb9380 Loading...

	f2f.org/wp-includes/js/dist/a11y.min.js?ver=7032343a947cfccf5608	ScriptElement	2.4 kB	2023-08-09	2025-05-07
Pretty URL f2f.org/wp-includes/js/dist/a11y.min.js?ver=7032343a947cfccf5608 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-09 03:39 Last Seen2025-05-07 14:22 Times Seen3419 Hash 8435e0a6bc86815f46db228163d21b25 06047d8a8d8c45ac02bc116544284b8027479960 d35faa1c0b45cc142295ae07a0c6e6e7824e0e64b58b81a83e7850251586e0df Loading...

	f2f.org/wp-content/themes/Divi/core/admin/js/common.js?ver=4.23.1	ScriptElement	1.3 kB	2023-03-07	2025-05-11
Pretty URL f2f.org/wp-content/themes/Divi/core/admin/js/common.js?ver=4.23.1 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 12:37 Times Seen6276 Hash d71b75b2327258b1d01d50590c1f67ca b7820e4ffb6becc133c48f66d9f683545530b959 1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea Loading...

	f2f.org/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17	ScriptElement	158 kB	2023-03-08	2025-05-11
Pretty URL f2f.org/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26 Last Seen2025-05-11 09:58 Times Seen6820 Hash e53ec3d6e21be78115810135f5e956fe 523892839b88351523e0498ba881c4431197b54e b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f Loading...

	f2f.org/	ScriptElement	231 B	2023-12-07	2024-08-20
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-07 20:24 Last Seen2024-08-20 16:26 Times Seen10 Hash cdbb147fd328a082cf548e1e7245baf1 946bdf839702915eea2d802a8e12caf0308180b8 0ff09c3f81e62d2a3c48ed51c38cff0bc77f9461c1dd09c51fae790c48a39c2f Loading...

	f2f.org/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.8.0	ScriptElement	1.8 kB	2023-03-08	2025-05-10
Pretty URL f2f.org/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.8.0 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:28 Last Seen2025-05-10 04:21 Times Seen3681 Hash bd4a0f15980886a95cc5cbd16b77eae7 bfb0474f16e017c1ce9b33441b9b3f5d713a66f5 998a575c7b376128a98e6d67e29c42e1726aac3489cf2c0b2aaebf6f6ad0b546 Loading...

	f2f.org/wp-content/plugins/custom-post-type-ajax-pagnaition//js/cptapagination.js?ver=38972e89150019b73122a99561a42155	ScriptElement	680 B	2023-03-09	2023-12-09
Pretty URL f2f.org/wp-content/plugins/custom-post-type-ajax-pagnaition//js/cptapagination.js?ver=38972e89150019b73122a99561a42155 IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 23:41 Last Seen2023-12-09 01:09 Times Seen9 Hash 3579f72d51ccfa0950cb3951aac4a221 b06d9b5b11576ea6f3fdfcf20d7fe62318b2cc29 c5dccb8701b26190cb0c76cbe4458c891b24c172df5b8dafaa658522479eff00 Loading...

	f2f.org/	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL f2f.org/ IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 15:06 Times Seen4655320 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	f2f.org/wp-content/plugins/gravityforms/assets/js/dist/utils.min.js?ver=59d951b75d934ae23e0ea7f9776264aa	ScriptElement	39 kB	2023-08-25	2025-05-10
Pretty URL f2f.org/wp-content/plugins/gravityforms/assets/js/dist/utils.min.js?ver=59d951b75d934ae23e0ea7f9776264aa IP 209.182.204.177 ASN #54641 IMH-IAD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-25 18:04 Last Seen2025-05-10 04:21 Times Seen1063 Hash 59d951b75d934ae23e0ea7f9776264aa 9d4d0940c3b1237af6ed090aafa07253c0b1e5bb 7734306b24719e59158e81abe7849cd4323df1fcee4364b190808b8e761a3255 Loading...

HTTP Transactions (117)

URL IP Response Size

beerfestthegoodone.f2f.org/mst/?OgmqcGXCnkEuhDGNWIayooJSWYiEjveXf//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////

209.182.204.177

302 Found

0 B

URL User Request GET HTTP/1.1
beerfestthegoodone.f2f.org/mst/?OgmqcGXCnkEuhDGNWIayooJSWYiEjveXf//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /mst/?OgmqcGXCnkEuhDGNWIayooJSWYiEjveXf////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// HTTP/1.1
Host: beerfestthegoodone.f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:43 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: /
X-Proxy-Cache: MISS

beerfestthegoodone.f2f.org/

209.182.204.177

301 Moved Permanently

0 B

URL User Request GET HTTP/1.1
beerfestthegoodone.f2f.org/
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: beerfestthegoodone.f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:46 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Redirect-By: WordPress
Location: https://f2f.org/
X-Proxy-Cache: MISS

beerfestthegoodone.f2f.org/

209.182.204.177

301 Moved Permanently

0 B

URL User Request GET HTTP/1.1
beerfestthegoodone.f2f.org/
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: beerfestthegoodone.f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:47 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Redirect-By: WordPress
Location: https://beerfestthegoodone.f2f.org/
X-Proxy-Cache: MISS

f2f.org/

209.182.204.177

200 OK

61 kB

URL User Request GET HTTP/1.1
f2f.org/
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (26333)
Size
61 kB (61381 bytes)
Hash
4f691d7d64822b01c3721a1e74bad167
65188d29599b74de02bac1ecc80b1492c3ef02a7
83084c075cbcc36e36144bd962bd83f445f952143bbdb6a576879c99928dfc9e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Link: <https://f2f.org/wp-json/>; rel="https://api.w.org/", <https://f2f.org/wp-json/wp/v2/pages/50397>; rel="alternate"; type="application/json", <https://f2f.org/>; rel=shortlink
X-TEC-API-VERSION: v1
X-TEC-API-ROOT: https://f2f.org/wp-json/tribe/events/v1/
X-TEC-API-ORIGIN: https://f2f.org
X-Proxy-Cache: HIT
Content-Encoding: br

f2f.org/wp-content/plugins/wp-and-divi-icons/css/icons.min.css?ver=2.0.1

209.182.204.177

200 OK

1.2 kB

URL GET HTTP/1.1
f2f.org/wp-content/plugins/wp-and-divi-icons/css/icons.min.css?ver=2.0.1
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (4557)
Size
1.2 kB (1234 bytes)
Hash
c3fc10f9791754480d2cd246c5c770c1
d698e3b593146e2a936dae7fd89531e9f722058b
7a9f72956ac3ea4f9bb1249d649ac28647a464907b3b941981e75e4f7e85582a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/wp-and-divi-icons/css/icons.min.css?ver=2.0.1 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:47 GMT
Content-Type: text/css
Last-Modified: Sat, 17 Dec 2022 09:54:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639d91c2-1364"
Expires: Fri, 15 Dec 2023 13:43:47 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/et-cache/50397/et-divi-dynamic-50397-late.css?ver=1701985734

209.182.204.177

200 OK

2.2 kB

URL GET HTTP/1.1
f2f.org/wp-content/et-cache/50397/et-divi-dynamic-50397-late.css?ver=1701985734
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (16772)
Size
2.2 kB (2152 bytes)
Hash
c93f2d4d57113d7f48590b1323d59a44
a62136de336f48a1821fe077bbd3517242252647
addbd44bcf379794563933934c845168f29b24e969d56acabe6229063cb7d23f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/et-cache/50397/et-divi-dynamic-50397-late.css?ver=1701985734 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:48 GMT
Content-Type: text/css
Last-Modified: Thu, 07 Dec 2023 21:49:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65723e03-4fad"
Expires: Fri, 15 Dec 2023 13:43:48 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/plugins/custom-post-type-ajax-pagnaition/css/cptapagination-style.css?ver=38972e89150019b73122a99561a42155

209.182.204.177

200 OK

334 B

URL GET HTTP/1.1
f2f.org/wp-content/plugins/custom-post-type-ajax-pagnaition/css/cptapagination-style.css?ver=38972e89150019b73122a99561a42155
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
Unicode text, UTF-8 (with BOM) text
Size
334 B (334 bytes)
Hash
8526943642662d7f9bc0126c861b1213
855b76752e8b8982d4c9f43d4b72a8fa53d6f39d
17e54fa721043c23b8aba87ca9b2922057ff26bdff48078a84f4351954e9d2cf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/custom-post-type-ajax-pagnaition/css/cptapagination-style.css?ver=38972e89150019b73122a99561a42155 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:48 GMT
Content-Type: text/css
Last-Modified: Sat, 10 Aug 2019 11:05:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5d4ea500-359"
Expires: Fri, 15 Dec 2023 13:43:48 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/uploads/wtfdivi/en/wp_head.css?ver=1665143222

209.182.204.177

200 OK

34 B

URL GET HTTP/1.1
f2f.org/wp-content/uploads/wtfdivi/en/wp_head.css?ver=1665143222
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with no line terminators
Size
34 B (34 bytes)
Hash
4bca26ad084ed39aadadc430572b196b
54fa786c6c7c62327c7d6812db21b6af017ae941
e46244266701959f84bca6716f1036f13aa9ae9f90bc6f4ecb8994610de6aed0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/wtfdivi/en/wp_head.css?ver=1665143222 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:48 GMT
Content-Type: text/css
Last-Modified: Tue, 07 Nov 2023 05:49:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6549cfe1-29"
Expires: Fri, 15 Dec 2023 13:43:48 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=8.3.1

209.182.204.177

200 OK

2.5 kB

URL GET HTTP/1.1
f2f.org/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=8.3.1
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (17572), with no line terminators
Size
2.5 kB (2509 bytes)
Hash
ce795adb7e7594cbc25f9fd2d6e1a2fd
4db09326441814d65f42f835a7102d28459363b0
50bb7c36ecca26ef05a1d308ca06ca7f60740c7e95d20a8971909303f4fa8657

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=8.3.1 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:48 GMT
Content-Type: text/css
Last-Modified: Tue, 28 Nov 2023 05:29:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65657ad0-44a4"
Expires: Fri, 15 Dec 2023 13:43:48 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/et-cache/50397/et-divi-dynamic-50397.css?ver=1701985734

209.182.204.177

200 OK

10 kB

URL GET HTTP/1.1
f2f.org/wp-content/et-cache/50397/et-divi-dynamic-50397.css?ver=1701985734
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (13396)
Size
10 kB (10403 bytes)
Hash
a5f4994acb1ee8fb58ebf2e3e17d949d
8ab302765d1216aff475e07f47802594f23fae79
3c94e509588d266c7991c2a17026e126a327c8be710376317f9c52a057f1e56a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/et-cache/50397/et-divi-dynamic-50397.css?ver=1701985734 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:48 GMT
Content-Type: text/css
Last-Modified: Thu, 07 Dec 2023 21:48:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65723dc6-11aa4"
Expires: Fri, 15 Dec 2023 13:43:48 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/et-cache/50397/et-core-unified-deferred-50397.min.css?ver=1701386399

209.182.204.177

200 OK

2.3 kB

URL GET HTTP/1.1
f2f.org/wp-content/et-cache/50397/et-core-unified-deferred-50397.min.css?ver=1701386399
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (12584), with no line terminators
Size
2.3 kB (2258 bytes)
Hash
679b0c179e8b1fe5b8b82b1358dcd674
a09e9012a6592bd2dcea1d753c61764257e1b7a3
308bb7ae95dfe16e4bc82ce9ea1f52b9deddd533bf14cdaeb302f364263072c1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/et-cache/50397/et-core-unified-deferred-50397.min.css?ver=1701386399 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:48 GMT
Content-Type: text/css
Last-Modified: Thu, 30 Nov 2023 23:19:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6569189f-3128"
Expires: Fri, 15 Dec 2023 13:43:48 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/plugins/events-calendar-pro/src/resources/css/tribe-events-pro-mini-calendar-block.min.css?ver=6.2.4

209.182.204.177

200 OK

220 B

URL GET HTTP/1.1
f2f.org/wp-content/plugins/events-calendar-pro/src/resources/css/tribe-events-pro-mini-calendar-block.min.css?ver=6.2.4
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (655), with no line terminators
Size
220 B (220 bytes)
Hash
7d5629f7abb615381d11cfae5bc2d4fc
7dc4fdb4f709674bd7b34d5a8441709737ece543
d2d330f53cdfd25a188faebfc07535a76190bcc529946b09c74d0971e84b53cd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/events-calendar-pro/src/resources/css/tribe-events-pro-mini-calendar-block.min.css?ver=6.2.4 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:48 GMT
Content-Type: text/css
Last-Modified: Tue, 21 Nov 2023 05:46:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"655c4432-28f"
Expires: Fri, 15 Dec 2023 13:43:48 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/plugins/cleantalk-spam-protect/css/cleantalk-public.min.css?ver=6.23

209.182.204.177

200 OK

488 B

URL GET HTTP/1.1
f2f.org/wp-content/plugins/cleantalk-spam-protect/css/cleantalk-public.min.css?ver=6.23
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (1415), with no line terminators
Size
488 B (488 bytes)
Hash
bbeb8caf499f4359a082e0eb92dd4820
9325fd62524e085df2068a3a25875a2af518f222
d2d01a28284207ea1bc9976244daa182379ac4c1cc50c22e0d3302bbf9b922f8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/cleantalk-spam-protect/css/cleantalk-public.min.css?ver=6.23 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:48 GMT
Content-Type: text/css
Last-Modified: Fri, 08 Dec 2023 05:55:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6572afe9-587"
Expires: Fri, 15 Dec 2023 13:43:48 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=8.3.1

209.182.204.177

200 OK

9.5 kB

URL GET HTTP/1.1
f2f.org/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=8.3.1
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
9.5 kB (9545 bytes)
Hash
68a2e1c3048033103d11856810f40fb2
2f8390ae10db4881fe44e016a7c2d87cd28b9457
f7d4c54dc556bce61c6a59150788149f9310dcf3f1deba151612334afd20e726

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=8.3.1 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:48 GMT
Content-Type: text/css
Last-Modified: Tue, 28 Nov 2023 05:29:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65657ad0-123ad"
Expires: Fri, 15 Dec 2023 13:43:48 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css?ver=1

209.182.204.177

200 OK

263 B

URL GET HTTP/1.1
f2f.org/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css?ver=1
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (907)
Size
263 B (263 bytes)
Hash
6f1ecd534f48422ce13105c7b6776a6a
5530b098a3fea4bde23e9f9ab799f19d4a0fa2ee
22a79f1fbcc70373c7021bae2164d9232d1e9dd3c6a163df9f9f54070e5f6b50

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css?ver=1 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:48 GMT
Content-Type: text/css
Last-Modified: Tue, 14 Nov 2023 12:41:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65536ae6-38c"
Expires: Fri, 15 Dec 2023 13:43:48 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

www.googletagmanager.com/gtag/js?id=G-3KDK0TQSYW

142.250.74.168

200 OK

81 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-3KDK0TQSYW
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://f2f.org/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (5955)
Size
81 kB (81172 bytes)
Hash
d6fc3ec804afda379ab80b9dd235b597
da70156428bcf0976b089ad5ea33a208e0a63790
514c15804f338f7d7a10ba2547c5cbaea8b84b4ae3465df66e4c49df84f0510c

HTTP Headers

GET /gtag/js?id=G-3KDK0TQSYW HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 08 Dec 2023 13:43:48 GMT
expires: Fri, 08 Dec 2023 13:43:48 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81172
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

f2f.org/wp-content/plugins/divi-booster/core/icons/socicon/fonts/Socicon.woff2?87visu

209.182.204.177

200 OK

64 kB

URL GET HTTP/1.1
f2f.org/wp-content/plugins/divi-booster/core/icons/socicon/fonts/Socicon.woff2?87visu
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
Web Open Font Format (Version 2), TrueType, length 64512, version 3.-26214\012- data
Size
64 kB (64512 bytes)
Hash
0d3d8b23e678fa28287d44a01e10553b
5a5daf8519110f538391dabd1de828493ba60959
c254279147099e0b696b281d62b436b8aed42fb0f3abf1ba17abc398ca6c90e2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/divi-booster/core/icons/socicon/fonts/Socicon.woff2?87visu HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://f2f.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:48 GMT
Content-Type: font/woff2
Content-Length: 64512
Last-Modified: Tue, 07 Nov 2023 05:49:08 GMT
Connection: keep-alive
ETag: "6549cfd4-fc00"
Expires: Fri, 15 Dec 2023 13:43:48 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Accept-Ranges: bytes

f2f.org/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/style.min.css?ver=1

209.182.204.177

200 OK

114 B

URL GET HTTP/1.1
f2f.org/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/style.min.css?ver=1
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with no line terminators
Size
114 B (114 bytes)
Hash
886011711ae972cd8472eef5eba5c298
6e52e59dfcbe911b4ab1a69036e1e3b930030c7e
4b9257e3e9c959214ddfab833a69a021ae6557403efe76afcbee259621175274

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/style.min.css?ver=1 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:48 GMT
Content-Type: text/css
Last-Modified: Tue, 14 Nov 2023 12:41:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65536ae6-102"
Expires: Fri, 15 Dec 2023 13:43:48 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/plugins/ultimate-woocommerce-auction-pro/assets/css/uwa-front.css?ver=2.3.7

209.182.204.177

200 OK

6.3 kB

URL GET HTTP/1.1
f2f.org/wp-content/plugins/ultimate-woocommerce-auction-pro/assets/css/uwa-front.css?ver=2.3.7
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (515)
Size
6.3 kB (6311 bytes)
Hash
6f4e6f69f9d2e94a08400d44cab6f37d
7b42b6bd993e3bfdf7b81b00dfedf2631ed2560f
7808b0ad97ac5ef2e3e251ba6d8763c204f7ca1a4a53ee76f97b6e257b2bda68

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-woocommerce-auction-pro/assets/css/uwa-front.css?ver=2.3.7 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:48 GMT
Content-Type: text/css
Last-Modified: Tue, 13 Jun 2023 07:46:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"64881ef1-6e70"
Expires: Fri, 15 Dec 2023 13:43:48 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/plugins/dg-blog-module/styles/style.min.css?ver=1.0.11

209.182.204.177

200 OK

2.4 kB

URL GET HTTP/1.1
f2f.org/wp-content/plugins/dg-blog-module/styles/style.min.css?ver=1.0.11
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (16635), with no line terminators
Size
2.4 kB (2391 bytes)
Hash
93825495951ae3761b1af4f3ef86d2f0
ffadd2df3e6fc6b586749b648fbec6549e756725
8a5b20917f186c9ddd1997fee322a8043455c3b2effeea80d7690e6d3f1478c3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/dg-blog-module/styles/style.min.css?ver=1.0.11 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:48 GMT
Content-Type: text/css
Last-Modified: Wed, 29 Mar 2023 22:54:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6424c191-40fb"
Expires: Fri, 15 Dec 2023 13:43:48 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/plugins/dp-owl-carousel-pro/styles/style.min.css?ver=2.4

209.182.204.177

200 OK

7.0 kB

URL GET HTTP/1.1
f2f.org/wp-content/plugins/dp-owl-carousel-pro/styles/style.min.css?ver=2.4
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (17123), with no line terminators
Size
7.0 kB (7047 bytes)
Hash
df7f8ff1bfa3b2e6b38d4d3c0728c7bc
2a8ae8a390aff384e3813e52bbf674e19be825e9
518b6ccd5599ef8ea77cb55955951a8b42389376120f5d53e669c5ec8d665292

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/dp-owl-carousel-pro/styles/style.min.css?ver=2.4 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:48 GMT
Content-Type: text/css
Last-Modified: Tue, 10 Oct 2023 09:15:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65251643-42e3"
Expires: Fri, 15 Dec 2023 13:43:48 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Raleway:100,200,300,regular,500,600,700,800,900,100italic,200italic,300italic,italic,500italic,600italic,700italic,800italic,900italic|Montserrat:100,200,300,regular,500,600,700,800,900,100italic,200italic,300italic,italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,900,900italic&subset=latin,latin-ext&display=swap

216.58.211.10

200 OK

3.1 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Raleway:100,200,300,regular,500,600,700,800,900,100italic,200italic,300italic,italic,500italic,600italic,700italic,800italic,900italic|Montserrat:100,200,300,regular,500,600,700,800,900,100italic,200italic,300italic,italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,900,900italic&subset=latin,latin-ext&display=swap
IP
216.58.211.10:443
ASN
#15169 GOOGLE

Requested by
https://f2f.org/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
gzip compressed data, max compression\012- data
Size
3.1 kB (3089 bytes)
Hash
adff8ad2da57f86dfb5d9cbfffe937a6
f5a452ed6b1ced058591f2062033429f00e5f52b
734c7adcf2fd630fcd0c311e6a4a82c9fe61e91a3fe83ffc645f8dc71409649a

HTTP Headers

GET /css?family=Lato:100,100italic,300,300italic,regular,italic,700,700italic,900,900italic|Raleway:100,200,300,regular,500,600,700,800,900,100italic,200italic,300italic,italic,500italic,600italic,700italic,800italic,900italic|Montserrat:100,200,300,regular,500,600,700,800,900,100italic,200italic,300italic,italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:200,200italic,300,300italic,regular,italic,600,600italic,700,700italic,900,900italic&subset=latin,latin-ext&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 08 Dec 2023 13:43:48 GMT
date: Fri, 08 Dec 2023 13:43:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

f2f.org/wp-content/plugins/gravityforms/assets/css/dist/basic.min.css?ver=2.8.0

209.182.204.177

200 OK

7.5 kB

URL GET HTTP/1.1
f2f.org/wp-content/plugins/gravityforms/assets/css/dist/basic.min.css?ver=2.8.0
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (48845), with no line terminators
Size
7.5 kB (7495 bytes)
Hash
884011bab8385e5ff417e21422cdbbf7
52894680c9c2218439b9695ada16ffbb3aa90b69
18f3409182cb278eef9bf26ba606daa10f3e317145921c45100d8dead7e37fb2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/gravityforms/assets/css/dist/basic.min.css?ver=2.8.0 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:48 GMT
Content-Type: text/css
Last-Modified: Fri, 08 Dec 2023 05:56:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6572affc-becd"
Expires: Fri, 15 Dec 2023 13:43:48 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/plugins/gravityforms/assets/css/dist/theme-components.min.css?ver=2.8.0

209.182.204.177

200 OK

0 B

URL GET HTTP/1.1
f2f.org/wp-content/plugins/gravityforms/assets/css/dist/theme-components.min.css?ver=2.8.0
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/gravityforms/assets/css/dist/theme-components.min.css?ver=2.8.0 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:48 GMT
Content-Type: text/css
Content-Length: 0
Last-Modified: Fri, 08 Dec 2023 05:56:12 GMT
Connection: keep-alive
ETag: "6572affc-0"
Expires: Fri, 15 Dec 2023 13:43:48 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Accept-Ranges: bytes

f2f.org/wp-includes/css/dashicons.min.css?ver=38972e89150019b73122a99561a42155

209.182.204.177

200 OK

35 kB

URL GET HTTP/1.1
f2f.org/wp-includes/css/dashicons.min.css?ver=38972e89150019b73122a99561a42155
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (58981)
Size
35 kB (35200 bytes)
Hash
d68d6bf519169d86e155bad0bed833f8
27ba9c67d0e775fc4e6dd62011daf4c3902698fc
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/css/dashicons.min.css?ver=38972e89150019b73122a99561a42155 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:48 GMT
Content-Type: text/css
Last-Modified: Thu, 04 Mar 2021 10:16:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6040b376-e688"
Expires: Fri, 15 Dec 2023 13:43:48 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/plugins/gravityforms/assets/css/dist/theme-ie11.min.css?ver=2.8.0

209.182.204.177

200 OK

373 B

URL GET HTTP/1.1
f2f.org/wp-content/plugins/gravityforms/assets/css/dist/theme-ie11.min.css?ver=2.8.0
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (1753), with no line terminators
Size
373 B (373 bytes)
Hash
b1f563e33ef65c02464c93ec0702c0d2
5333895f4ef7f0b6a95b330e5cd82a00ac021e0b
032dc89de9e654706c6239447c5fe7e0346209c8319411521ac476b58c7f4f88

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/gravityforms/assets/css/dist/theme-ie11.min.css?ver=2.8.0 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:48 GMT
Content-Type: text/css
Last-Modified: Fri, 08 Dec 2023 05:56:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6572affc-6d9"
Expires: Fri, 15 Dec 2023 13:43:48 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/plugins/gravityforms/assets/css/dist/theme.min.css?ver=2.8.0

209.182.204.177

200 OK

5.4 kB

URL GET HTTP/1.1
f2f.org/wp-content/plugins/gravityforms/assets/css/dist/theme.min.css?ver=2.8.0
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (30091), with no line terminators
Size
5.4 kB (5428 bytes)
Hash
16719ff50c5282c0f014526fd7e29013
1e9ee2b9ec6fbfbc16739b4f5e2bb7f35ec9a717
c487387d7e441b4cb0b138137ed47e4d97c0c971cfb4f2d8946184003f08cd22

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/gravityforms/assets/css/dist/theme.min.css?ver=2.8.0 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:48 GMT
Content-Type: text/css
Last-Modified: Fri, 08 Dec 2023 05:56:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6572affc-758b"
Expires: Fri, 15 Dec 2023 13:43:48 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/themes/Divi-Mate/style.css?ver=1.0

209.182.204.177

200 OK

5.5 kB

URL GET HTTP/1.1
f2f.org/wp-content/themes/Divi-Mate/style.css?ver=1.0
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
Unicode text, UTF-8 text, with very long lines (435)
Size
5.5 kB (5483 bytes)
Hash
f494bf2f4adba2fc02e6a81d046d4392
c3def4395b9146b20f59cbfc5cd87fd2576dbd9f
64c30a67477bff95f76ebb6d487173dccd6fc14b3dc1b3d8f139daf6525b2842

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/Divi-Mate/style.css?ver=1.0 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:48 GMT
Content-Type: text/css
Last-Modified: Thu, 24 Aug 2023 13:36:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"64e75ce0-7613"
Expires: Fri, 15 Dec 2023 13:43:48 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2

209.182.204.177

200 OK

2.5 kB

URL GET HTTP/1.1
f2f.org/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (8171), with no line terminators
Size
2.5 kB (2501 bytes)
Hash
dda652db133fddb9b80a05c6d1b5c540
60c8514c57a5db2980c4b046b0dd479bd427357b
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:48 GMT
Content-Type: application/javascript
Last-Modified: Wed, 29 Mar 2023 20:31:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6424a012-1feb"
Expires: Fri, 15 Dec 2023 13:43:48 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0

209.182.204.177

200 OK

2.5 kB

URL GET HTTP/1.1
f2f.org/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (6625), with no line terminators
Size
2.5 kB (2542 bytes)
Hash
fd7ef2e4737acd74fd0dcdc3b515e304
0d792b33f12a48ee8aaaf2560a63a5682470645b
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:48 GMT
Content-Type: application/javascript
Last-Modified: Tue, 21 Nov 2023 05:47:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"655c4486-19e1"
Expires: Fri, 15 Dec 2023 13:43:48 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1

209.182.204.177

200 OK

1.6 kB

URL GET HTTP/1.1
f2f.org/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (4592)
Size
1.6 kB (1576 bytes)
Hash
7bd48eb3bd568033e96caf0fb62e6690
b38066999294b99d92d95db5f38bc15707eb1f22
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:48 GMT
Content-Type: application/javascript
Last-Modified: Sun, 20 Aug 2023 17:01:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"64e246f1-1213"
Expires: Fri, 15 Dec 2023 13:43:48 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

209.182.204.177

200 OK

5.0 kB

URL GET HTTP/1.1
f2f.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (13479)
Size
5.0 kB (4999 bytes)
Hash
9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:48 GMT
Content-Type: application/javascript
Last-Modified: Sun, 20 Aug 2023 17:01:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"64e246f1-3509"
Expires: Fri, 15 Dec 2023 13:43:48 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/plugins/wp-and-divi-icons/js/icons.min.js?ver=2.0.1

209.182.204.177

200 OK

3.3 kB

URL GET HTTP/1.1
f2f.org/wp-content/plugins/wp-and-divi-icons/js/icons.min.js?ver=2.0.1
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
HTML document, ASCII text, with very long lines (580)
Size
3.3 kB (3315 bytes)
Hash
2e3ca67be061048ff5306daaf1b4df6a
59b3d492e573a10c75da7911d5b9bfd8d5a708ec
509d8892a15324bb2591008f8cd287f8686141cc11f51f9406cea0deb58e4c15

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/wp-and-divi-icons/js/icons.min.js?ver=2.0.1 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:48 GMT
Content-Type: application/javascript
Last-Modified: Sat, 17 Dec 2022 09:54:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639d91c2-275e"
Expires: Fri, 15 Dec 2023 13:43:48 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.22.0

209.182.204.177

200 OK

3.2 kB

URL GET HTTP/1.1
f2f.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.22.0
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (1392)
Size
3.2 kB (3242 bytes)
Hash
9593c634b81c031342cbe0fa03903d47
dd68ee9d73731b22fb7252f66be8bea5d17227c7
d7bdba02afa8c04c13f280c71a50f8c8186c883711c5dabbd13566dd738bff0a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.22.0 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:48 GMT
Content-Type: application/javascript
Last-Modified: Tue, 05 Dec 2023 05:15:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"656eb1e2-2da9"
Expires: Fri, 15 Dec 2023 13:43:48 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

209.182.204.177

200 OK

36 kB

URL GET HTTP/1.1
f2f.org/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size
36 kB (36350 bytes)
Hash
9a98016751e498c06d434cc022ca1a44
6aa9af5fe436eab9c313de9f0bea072c04637624
da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:48 GMT
Content-Type: application/javascript
Last-Modified: Tue, 21 Nov 2023 05:47:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"655c4486-1c1b7"
Expires: Fri, 15 Dec 2023 13:43:48 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/plugins/custom-post-type-ajax-pagnaition//js/cptapagination.js?ver=38972e89150019b73122a99561a42155

209.182.204.177

200 OK

342 B

URL GET HTTP/1.1
f2f.org/wp-content/plugins/custom-post-type-ajax-pagnaition//js/cptapagination.js?ver=38972e89150019b73122a99561a42155
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text
Size
342 B (342 bytes)
Hash
3579f72d51ccfa0950cb3951aac4a221
b06d9b5b11576ea6f3fdfcf20d7fe62318b2cc29
c5dccb8701b26190cb0c76cbe4458c891b24c172df5b8dafaa658522479eff00

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/custom-post-type-ajax-pagnaition//js/cptapagination.js?ver=38972e89150019b73122a99561a42155 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: application/javascript
Last-Modified: Sat, 10 Sep 2022 11:41:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"631c7802-2a8"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

209.182.204.177

200 OK

31 kB

URL GET HTTP/1.1
f2f.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (65447)
Size
31 kB (31409 bytes)
Hash
826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:48 GMT
Content-Type: application/javascript
Last-Modified: Tue, 21 Nov 2023 05:47:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"655c4486-15601"
Expires: Fri, 15 Dec 2023 13:43:48 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.2732002000454713

192.0.76.3

200 OK

50 B

URL GET HTTP/2
pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.2732002000454713
IP
192.0.76.3:443
ASN
#2635 AUTOMATTIC

Requested by
https://f2f.org/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
GIF image data, version 89a, 6 x 5\012- data
Size
50 B (50 bytes)
Hash
e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

HTTP Headers

GET /g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.2732002000454713 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 13:43:49 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2

f2f.org/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.8.3.1

209.182.204.177

200 OK

3.5 kB

URL GET HTTP/1.1
f2f.org/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.8.3.1
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (9242)
Size
3.5 kB (3515 bytes)
Hash
ef56117d1bb5cc41aa6bd127a49c7640
b9c2ed774177fc0fceba5cb58113024b23fe4fb7
d151f8c0b2659cfb63704d68654ad8d9437ae9da4410536f63ddec21689a0620

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.8.3.1 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: application/javascript
Last-Modified: Tue, 28 Nov 2023 05:29:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65657ad0-25a4"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=8.3.1

209.182.204.177

200 OK

1.1 kB

URL GET HTTP/1.1
f2f.org/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=8.3.1
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
HTML document, ASCII text, with very long lines (3037), with no line terminators
Size
1.1 kB (1063 bytes)
Hash
ac7eef7756c1ad7d9df33edae9f60e5d
fb334d6bdf233b1c0b3a3658c0763e5916eda4b0
92b4feff9bb6c863075d35cd38d989cc254f99489f574338def1949904027d42

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=8.3.1 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: application/javascript
Last-Modified: Tue, 28 Nov 2023 05:29:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65657ad0-bdd"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.8.3.1

209.182.204.177

200 OK

952 B

URL GET HTTP/1.1
f2f.org/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.8.3.1
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (1679)
Size
952 B (952 bytes)
Hash
53e07784d8fab2f50b99ff9868124992
d8739feb2845a3fa4a8c085aeabc4eb0e6945590
1533d5bc82424a9a3ac37a7fe543925909d25715d16938b9e02c728c86fd86e8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.8.3.1 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: application/javascript
Last-Modified: Tue, 28 Nov 2023 05:29:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65657ad0-735"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/plugins/cleantalk-spam-protect/js/apbct-public-bundle.min.js?ver=6.23

209.182.204.177

200 OK

17 kB

URL GET HTTP/1.1
f2f.org/wp-content/plugins/cleantalk-spam-protect/js/apbct-public-bundle.min.js?ver=6.23
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
17 kB (17108 bytes)
Hash
5ccbfccff223d63ea24af182907633f6
b9b71b1668d3cda8eafd26d24f53bd031f5ce257
6405f71eeec22776f3e6dc8c0e2dcc8f023716c2e976e113c60eb7c7b6304a62

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/cleantalk-spam-protect/js/apbct-public-bundle.min.js?ver=6.23 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: application/javascript
Last-Modified: Fri, 08 Dec 2023 05:55:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6572afe9-1007e"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=8.3.1

209.182.204.177

200 OK

748 B

URL GET HTTP/1.1
f2f.org/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=8.3.1
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (2139), with no line terminators
Size
748 B (748 bytes)
Hash
6d3b3d63df025e97f370c5efab2c96da
78c0c8e7504f9314b2e9fd714bbab530af52f2af
8c0b5e384ae00c512f4bb1ba5e2fe622fab4bfc541c99555df38c19c329d3fe6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=8.3.1 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: application/javascript
Last-Modified: Tue, 28 Nov 2023 05:29:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65657ad0-85b"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/plugins/ultimate-woocommerce-auction-pro/includes//clock/js/uwa-front.js?ver=2.3.7

209.182.204.177

200 OK

7.3 kB

URL GET HTTP/1.1
f2f.org/wp-content/plugins/ultimate-woocommerce-auction-pro/includes//clock/js/uwa-front.js?ver=2.3.7
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (11991), with CRLF line terminators
Size
7.3 kB (7277 bytes)
Hash
9f247dddf2ba35183028dc0e601cdabb
4e955c1050ec82b5d4f878075ec4052d3d7594c5
a5608fbc3339b3c4b9ab156765b2cae08d6b8bf96b9dbfd0cee6d95b1f4ad5f1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-woocommerce-auction-pro/includes//clock/js/uwa-front.js?ver=2.3.7 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: application/javascript
Last-Modified: Mon, 21 Aug 2023 12:00:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"64e351c8-9699"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/plugins/ultimate-woocommerce-auction-pro/includes/clock/js/jquery.countdown.min.js?ver=2.3.7

209.182.204.177

200 OK

4.7 kB

URL GET HTTP/1.1
f2f.org/wp-content/plugins/ultimate-woocommerce-auction-pro/includes/clock/js/jquery.countdown.min.js?ver=2.3.7
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (14055), with CRLF, CR line terminators
Size
4.7 kB (4734 bytes)
Hash
b7b9d30f7852dd6984b93bdaa2a693ef
7ff3563b51fe7fa9560261d457823b0245181277
d0a6856f02d4ccf0252b4be170ded1f7ec76896785adad9f942384874b7248e2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-woocommerce-auction-pro/includes/clock/js/jquery.countdown.min.js?ver=2.3.7 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: application/javascript
Last-Modified: Tue, 13 Jun 2023 07:46:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"64881ef1-37e9"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/plugins/ultimate-woocommerce-auction-pro/includes/clock/js/jquery.countdown-multi-lang.js?ver=2.3.7

209.182.204.177

200 OK

467 B

URL GET HTTP/1.1
f2f.org/wp-content/plugins/ultimate-woocommerce-auction-pro/includes/clock/js/jquery.countdown-multi-lang.js?ver=2.3.7
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text
Size
467 B (467 bytes)
Hash
7fa84f574a778b8e23c003df5149541d
6777551fafd7655159cb38bc1f359adfa2548e8d
f9646cd658fd339ab9a3fa9bc01e2072e64a96c9a95c140ded0efc04f384a823

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-woocommerce-auction-pro/includes/clock/js/jquery.countdown-multi-lang.js?ver=2.3.7 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: application/javascript
Last-Modified: Tue, 13 Jun 2023 07:46:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"64881ef1-464"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.8.0

209.182.204.177

200 OK

914 B

URL GET HTTP/1.1
f2f.org/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.8.0
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (1836), with no line terminators
Size
914 B (914 bytes)
Hash
bd4a0f15980886a95cc5cbd16b77eae7
bfb0474f16e017c1ce9b33441b9b3f5d713a66f5
998a575c7b376128a98e6d67e29c42e1726aac3489cf2c0b2aaebf6f6ad0b546

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.8.0 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: application/javascript
Last-Modified: Fri, 08 Dec 2023 05:56:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6572affd-72c"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/uploads/custom-css-js/37768.css?v=8115

209.182.204.177

200 OK

278 B

URL GET HTTP/1.1
f2f.org/wp-content/uploads/custom-css-js/37768.css?v=8115
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with CRLF, LF line terminators
Size
278 B (278 bytes)
Hash
13eb74c84d808414eeba8cfd65ac09b2
1dd6237d00c3ddf52800ba26318c4376925fd2f8
a4871740c4844f76ec4869d804c18dc9c062d08d76054e16e9bf5069447046b3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/custom-css-js/37768.css?v=8115 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: text/css
Last-Modified: Fri, 07 Oct 2022 19:24:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63407ce4-19b"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=38972e89150019b73122a99561a42155

209.182.204.177

200 OK

1.1 kB

URL GET HTTP/1.1
f2f.org/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=38972e89150019b73122a99561a42155
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (4186), with no line terminators
Size
1.1 kB (1095 bytes)
Hash
ea958276b7de454bd3c2873f0dc47e5f
b143f6e8e8f79d8f104c26b0057ef5514d763219
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=38972e89150019b73122a99561a42155 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: text/css
Last-Modified: Sat, 08 Jun 2019 08:45:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5cfb758e-105a"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17

209.182.204.177

200 OK

2.6 kB

URL GET HTTP/1.1
f2f.org/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (11256), with no line terminators
Size
2.6 kB (2569 bytes)
Hash
2b0dd7eecea03b4bdedb94ba622fdb03
703becba85161118dd6fc66af465428ef43f561c
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: text/css
Last-Modified: Wed, 30 Sep 2020 03:53:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f740122-2bf8"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/plugins/divi-booster/core/icons/socicon/style.min.css?ver=4.3.5

209.182.204.177

200 OK

2.6 kB

URL GET HTTP/1.1
f2f.org/wp-content/plugins/divi-booster/core/icons/socicon/style.min.css?ver=4.3.5
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (12197), with no line terminators
Size
2.6 kB (2553 bytes)
Hash
3bc366bbc0e0362e29f5bdb55c7d36e3
e39c6ef384452d42d72802a69acd4f101c8ea555
4c03397843e454d8b7a5e3701a715ef0420cfaa50c5202a80d7d549c34cbcf03

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/divi-booster/core/icons/socicon/style.min.css?ver=4.3.5 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: text/css
Last-Modified: Tue, 07 Nov 2023 05:49:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6549cfd4-2fa5"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.8.0

209.182.204.177

200 OK

14 kB

URL GET HTTP/1.1
f2f.org/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.8.0
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (46610), with no line terminators
Size
14 kB (14045 bytes)
Hash
3f645770cbbde4006ea1c09181dc243b
6275eca80774b42d1403c5e44dc787a04f391cd9
8e935b015b64f2374711c6f983fcedde254decd920171b934ead8ef5c410b68d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.8.0 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: application/javascript
Last-Modified: Fri, 08 Dec 2023 05:56:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6572affd-b612"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/plugins/gravityforms/assets/js/dist/utils.min.js?ver=59d951b75d934ae23e0ea7f9776264aa

209.182.204.177

200 OK

12 kB

URL GET HTTP/1.1
f2f.org/wp-content/plugins/gravityforms/assets/js/dist/utils.min.js?ver=59d951b75d934ae23e0ea7f9776264aa
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
Unicode text, UTF-8 text, with very long lines (38839), with no line terminators
Size
12 kB (12051 bytes)
Hash
59d951b75d934ae23e0ea7f9776264aa
9d4d0940c3b1237af6ed090aafa07253c0b1e5bb
7734306b24719e59158e81abe7849cd4323df1fcee4364b190808b8e761a3255

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/gravityforms/assets/js/dist/utils.min.js?ver=59d951b75d934ae23e0ea7f9776264aa HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: application/javascript
Last-Modified: Fri, 08 Dec 2023 05:56:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6572affc-97b8"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/plugins/divi-booster/core/icons/divi-booster-icons/icomoon/style.min.css?ver=4.3.5

209.182.204.177

200 OK

417 B

URL GET HTTP/1.1
f2f.org/wp-content/plugins/divi-booster/core/icons/divi-booster-icons/icomoon/style.min.css?ver=4.3.5
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (1254), with no line terminators
Size
417 B (417 bytes)
Hash
33ba0970c959201b27efca5d0cc69045
aacc562e31906ac05f7d00ee0ba6a4ad6ed2da7a
3ce3f24e4dbb8d1529164f67aaffc764dd9ad005810bba411ddac560e55d90b4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/divi-booster/core/icons/divi-booster-icons/icomoon/style.min.css?ver=4.3.5 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: text/css
Last-Modified: Tue, 07 Nov 2023 05:49:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6549cfd4-4e6"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/plugins/dg-blog-module/scripts/lib/fitvids.js?ver=1.0.11

209.182.204.177

200 OK

699 B

URL GET HTTP/1.1
f2f.org/wp-content/plugins/dg-blog-module/scripts/lib/fitvids.js?ver=1.0.11
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
HTML document, ASCII text, with very long lines (1767), with no line terminators
Size
699 B (699 bytes)
Hash
882a4f6998e5d6878f6f53f15008e525
2f73282313194a5ea50186b3d94842b47f941274
233cb2b905dec5df68df039e52e26980f674880fee51a8f6b7f75486760f1f3e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/dg-blog-module/scripts/lib/fitvids.js?ver=1.0.11 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: application/javascript
Last-Modified: Wed, 29 Mar 2023 22:54:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6424c191-6e7"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

216.58.207.227

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://f2f.org/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://f2f.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:40:33 GMT
expires: Fri, 06 Dec 2024 15:40:33 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
age: 79396
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://f2f.org/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48208, version 1.0\012- data
Size
48 kB (48208 bytes)
Hash
c49b7c3643f781d71645c5a40a78b5bf
e71138026b38afc443fb60da5ffc2244c4f5eb11
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

HTTP Headers

GET /s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://f2f.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48208
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 16:02:45 GMT
expires: Fri, 06 Dec 2024 16:02:45 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
content-type: font/woff2
age: 78064
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

f2f.org/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.23.1

209.182.204.177

200 OK

3.2 kB

URL GET HTTP/1.1
f2f.org/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.23.1
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text
Size
3.2 kB (3161 bytes)
Hash
00346ced8d8b5c664b826381bdcd7c48
1cb0ab506f3892db432c81ab6982fe6837004d23
5aa24e4ab926693e29ffb0d0ca1557141defd3ca61b3b4e7caebaa2fcd5bf327

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/easypiechart.js?ver=4.23.1 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: application/javascript
Last-Modified: Tue, 07 Nov 2023 05:51:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6549d078-2466"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

216.58.207.227

200 OK

22 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://f2f.org/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22504, version 1.0\012- data
Size
22 kB (22504 bytes)
Hash
1c6c65523675abc6fcd78e804325bd77
898d9808304dc157f5dcb18ca169ec6e2b96b3d7
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

HTTP Headers

GET /s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://f2f.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 06 Dec 2023 21:37:20 GMT
expires: Thu, 05 Dec 2024 21:37:20 GMT
cache-control: public, max-age=31536000
age: 144389
last-modified: Tue, 02 May 2023 15:12:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-tQLL50tE8.woff2

216.58.207.227

200 OK

31 kB

URL GET HTTP/2
fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-tQLL50tE8.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://f2f.org/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 30976, version 1.0\012- data
Size
31 kB (30976 bytes)
Hash
5c8f124fd7d2657767fb95a63c783012
d3eb799b7ba989b7b3a1fec7155ff4304f9bc67e
721b76567962131c87e729818f3f1f866ade2857fa5e11e52f8bd71e376f357f

HTTP Headers

GET /s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-tQLL50tE8.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://f2f.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:46:29 GMT
expires: Fri, 06 Dec 2024 15:46:29 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 27 Apr 2023 00:56:58 GMT
content-type: font/woff2
age: 79040
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

f2f.org/wp-content/plugins/dg-blog-module/scripts/frontend-bundle.min.js?ver=1.0.11

209.182.204.177

200 OK

1.9 kB

URL GET HTTP/1.1
f2f.org/wp-content/plugins/dg-blog-module/scripts/frontend-bundle.min.js?ver=1.0.11
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (7204), with no line terminators
Size
1.9 kB (1886 bytes)
Hash
0e9facb331a1356188cdc9d4dc330c55
f3c941d73a75dfddaae6939dadd7bf2891f6069e
b47b1dcab4c001e054fbcc7e2c731f43475fed0028e845705db9c4011ae574e0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/dg-blog-module/scripts/frontend-bundle.min.js?ver=1.0.11 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: application/javascript
Last-Modified: Wed, 29 Mar 2023 22:54:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6424c191-1c24"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.23.1

209.182.204.177

200 OK

3.4 kB

URL GET HTTP/1.1
f2f.org/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.23.1
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (6322)
Size
3.4 kB (3395 bytes)
Hash
bf7fe805ab945e4b2c4d56da59476811
307135fd2987f477c7bd50fcd0cc28a1cff1f568
b6205029e1016596807b655c8f57818736a787e32ceb1407effa152ac3bb9380

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/salvattore.js?ver=4.23.1 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: application/javascript
Last-Modified: Tue, 07 Nov 2023 05:51:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6549d078-217e"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

moderate9-v4.cleantalk.org/pixel/4d17b1e8d129765b356c1a7b8127d73e.gif

51.81.55.251

200 OK

43 B

URL GET HTTP/1.1
moderate9-v4.cleantalk.org/pixel/4d17b1e8d129765b356c1a7b8127d73e.gif
IP
51.81.55.251:443
ASN
#16276 OVH SAS

Requested by
https://f2f.org/
Certificate
IssuerSectigo Limited
Subject*.cleantalk.org
FingerprintE8:47:A9:37:80:4D:62:78:64:A3:F4:79:A7:40:28:4A:79:57:6F:7C
ValidityThu, 07 Sep 2023 00:00:00 GMT - Tue, 24 Sep 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /pixel/4d17b1e8d129765b356c1a7b8127d73e.gif HTTP/1.1
Host: moderate9-v4.cleantalk.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2

216.58.207.227

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://f2f.org/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 24408, version 1.0\012- data
Size
24 kB (24408 bytes)
Hash
efee2d080d7bebdd2e0aeb2e030813a0
f8d38f9f9584e48c2e469877ebd94232265585f1
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

HTTP Headers

GET /s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://f2f.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24408
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:42:54 GMT
expires: Fri, 06 Dec 2024 15:42:54 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:14:26 GMT
content-type: font/woff2
age: 79255
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

f2f.org/wp-content/plugins/woocommerce-multilingual/res/js/cart_widget.min.js?ver=5.3.1

209.182.204.177

200 OK

494 B

URL GET HTTP/1.1
f2f.org/wp-content/plugins/woocommerce-multilingual/res/js/cart_widget.min.js?ver=5.3.1
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (1012), with no line terminators
Size
494 B (494 bytes)
Hash
a196fc442165c7871d8623233601b2d5
1d11da022dd608f770abf6ec67fbd02da0b87b6e
15bd939a375fb864cb4355c057b6e11ff95c4ead66b210362e41a50c4eea8c47

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce-multilingual/res/js/cart_widget.min.js?ver=5.3.1 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: application/javascript
Last-Modified: Tue, 28 Nov 2023 05:29:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65657ad2-3f4"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

216.58.207.227

200 OK

23 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://f2f.org/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://f2f.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:49:49 GMT
expires: Fri, 06 Dec 2024 15:49:49 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
age: 78840
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

f2f.org/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/magnific-popup.js?ver=4.23.1

209.182.204.177

200 OK

8.8 kB

URL GET HTTP/1.1
f2f.org/wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/magnific-popup.js?ver=4.23.1
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (21184)
Size
8.8 kB (8775 bytes)
Hash
b709961dd29d261ee0ce8fb17101874a
9a286eaaa964091528b256c81bb446c7072b7e19
0a47c6e6f24e634cb79f886e70bbfd65e1e85b0d2aa4fc133488fd1bc1910e3e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/Divi/includes/builder/feature/dynamic-assets/assets/js/magnific-popup.js?ver=4.23.1 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: application/javascript
Last-Modified: Tue, 07 Nov 2023 05:51:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6549d078-5902"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca

209.182.204.177

200 OK

298 B

URL GET HTTP/1.1
f2f.org/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (463)
Size
298 B (298 bytes)
Hash
b0b80b0256874e70acdc820b52bbf1aa
9aace9a7989736bf535d65f229d0c10e9acea41b
166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: application/javascript
Last-Modified: Tue, 12 Apr 2022 00:04:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6254c20e-1f2"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-includes/js/dist/a11y.min.js?ver=7032343a947cfccf5608

209.182.204.177

200 OK

875 B

URL GET HTTP/1.1
f2f.org/wp-includes/js/dist/a11y.min.js?ver=7032343a947cfccf5608
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
Unicode text, UTF-8 text, with very long lines (2412)
Size
875 B (875 bytes)
Hash
8435e0a6bc86815f46db228163d21b25
06047d8a8d8c45ac02bc116544284b8027479960
d35faa1c0b45cc142295ae07a0c6e6e7824e0e64b58b81a83e7850251586e0df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/a11y.min.js?ver=7032343a947cfccf5608 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: application/javascript
Last-Modified: Sun, 20 Aug 2023 17:01:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"64e246f1-990"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef

209.182.204.177

200 OK

3.7 kB

URL GET HTTP/1.1
f2f.org/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
data
Size
3.7 kB (3734 bytes)
Hash
c2c4e2a562e06e1cb22293a5b920aca6
a7b5a369ac4883f1ee7fa701b238d20238b675ca
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: application/javascript
Last-Modified: Sun, 20 Aug 2023 17:01:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"64e246f1-24e5"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/themes/Divi/js/scripts.min.js?ver=4.23.1

209.182.204.177

200 OK

62 kB

URL GET HTTP/1.1
f2f.org/wp-content/themes/Divi/js/scripts.min.js?ver=4.23.1
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (65467)
Size
62 kB (61543 bytes)
Hash
96896ebc5293989884f6cd4eb7188d73
bd3ec97f84961c97b895d00e5d9e060fde0ebf5f
033a80c98752135ba755fa9b3733169b45c7a56f4bf60b619228ed990258dc81

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/Divi/js/scripts.min.js?ver=4.23.1 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: application/javascript
Last-Modified: Tue, 07 Nov 2023 05:51:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6549d078-42f83"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.8.0

209.182.204.177

200 OK

1.7 kB

URL GET HTTP/1.1
f2f.org/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.8.0
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (4610)
Size
1.7 kB (1678 bytes)
Hash
a39e45502bab7e9e26723e6ab243e8f8
ac62aacd5ee3e7b64ce6a92b5d8e3fb523e34d16
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.8.0 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: application/javascript
Last-Modified: Fri, 08 Dec 2023 05:56:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6572affd-121f"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/plugins/gravityforms/assets/js/dist/vendor-theme.min.js?ver=4ef53fe41c14a48b294541d9fc37387e

209.182.204.177

200 OK

6.5 kB

URL GET HTTP/1.1
f2f.org/wp-content/plugins/gravityforms/assets/js/dist/vendor-theme.min.js?ver=4ef53fe41c14a48b294541d9fc37387e
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
Unicode text, UTF-8 text, with very long lines (17163), with no line terminators
Size
6.5 kB (6490 bytes)
Hash
4ef53fe41c14a48b294541d9fc37387e
b40c361471225c030e272f10b8d32307b5878223
cc039b37e34853a9bef9d693ebc4366b38d9cec1aa91e0109196cd62f870ae52

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/gravityforms/assets/js/dist/vendor-theme.min.js?ver=4ef53fe41c14a48b294541d9fc37387e HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: application/javascript
Last-Modified: Fri, 08 Dec 2023 05:56:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6572affc-430c"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-tQLL50tE8.woff2

216.58.207.227

200 OK

31 kB

URL GET HTTP/2
fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-tQLL50tE8.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://f2f.org/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 30976, version 1.0\012- data
Size
31 kB (30976 bytes)
Hash
5c8f124fd7d2657767fb95a63c783012
d3eb799b7ba989b7b3a1fec7155ff4304f9bc67e
721b76567962131c87e729818f3f1f866ade2857fa5e11e52f8bd71e376f357f

HTTP Headers

GET /s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-tQLL50tE8.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://f2f.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:46:29 GMT
expires: Fri, 06 Dec 2024 15:46:29 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 27 Apr 2023 00:56:58 GMT
content-type: font/woff2
age: 79040
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

f2f.org/wp-content/plugins/gravityforms/assets/js/dist/scripts-theme.min.js?ver=f4d12a887a23a8c5755fd2b956bc8fcf

209.182.204.177

200 OK

1.7 kB

URL GET HTTP/1.1
f2f.org/wp-content/plugins/gravityforms/assets/js/dist/scripts-theme.min.js?ver=f4d12a887a23a8c5755fd2b956bc8fcf
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (4124), with no line terminators
Size
1.7 kB (1741 bytes)
Hash
f4d12a887a23a8c5755fd2b956bc8fcf
7a929ecc2397a7ba38793560a7f0f3ddb8faf93d
a894dbb6e181fc9a70bf4453dc3571e0b5a0b068356310b3139abd081cb80d24

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/gravityforms/assets/js/dist/scripts-theme.min.js?ver=f4d12a887a23a8c5755fd2b956bc8fcf HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: application/javascript
Last-Modified: Fri, 08 Dec 2023 05:56:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6572affc-101c"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

acsbapp.com/apps/app/dist/js/app.js

104.22.0.204

200 OK

91 kB

URL GET HTTP/2
acsbapp.com/apps/app/dist/js/app.js
IP
104.22.0.204:443
ASN
#13335 CLOUDFLARENET

Requested by
https://f2f.org/
Certificate
IssuerGoogle Trust Services LLC
Subjectacsbapp.com
Fingerprint36:8E:00:28:16:05:4E:E0:25:C6:B8:CA:7C:F6:07:92:BE:A3:75:0D
ValiditySat, 28 Oct 2023 05:30:21 GMT - Fri, 26 Jan 2024 05:30:20 GMT

File type
Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Size
91 kB (91111 bytes)
Hash
af6db79cc261f9ddde2ea78a3341d0c7
2114cda4d52e40b92e36371d8d965dc5ef9cf7cc
82adc81ec49abb103a2d123062623d6663f4132e9d4402ba868b1a53c64a74c4

HTTP Headers

GET /apps/app/dist/js/app.js HTTP/1.1
Host: acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:43:49 GMT
content-type: application/javascript; charset=utf-8
x-guploader-uploadid: ABPtcPr3sqAVPRW7N09rVx1ZlesIpCRgZVWuqQ295orjWWP596FV2Aw63OJG9B7hFiCaFAvR6-c
cache-control: public, max-age=300, must-revalidate
expires: Sat, 07 Dec 2024 13:43:49 GMT
last-modified: Wed, 06 Dec 2023 16:40:02 GMT
etag: W/"af6db79cc261f9ddde2ea78a3341d0c7"
x-goog-generation: 1701880802637232
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 299041
x-goog-hash: crc32c=qmjZjA==, md5=r223nMJh+d3eLqeKM0HQxw==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
access-control-expose-headers: *
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 83257085abac5695-OSL
content-encoding: br
X-Firefox-Spdy: h2

f2f.org/wp-content/themes/Divi/core/admin/js/common.js?ver=4.23.1

209.182.204.177

200 OK

559 B

URL GET HTTP/1.1
f2f.org/wp-content/themes/Divi/core/admin/js/common.js?ver=4.23.1
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text
Size
559 B (559 bytes)
Hash
d71b75b2327258b1d01d50590c1f67ca
b7820e4ffb6becc133c48f66d9f683545530b959
1ca76922f55b389b8f590ae7e3bcc3a2dccdce3aff1e5a4335af081b76a414ea

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/Divi/core/admin/js/common.js?ver=4.23.1 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: application/javascript
Last-Modified: Tue, 07 Nov 2023 05:51:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6549d078-53f"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/uploads/wtfdivi/en/wp_footer.js?ver=1665143222

209.182.204.177

200 OK

138 B

URL GET HTTP/1.1
f2f.org/wp-content/uploads/wtfdivi/en/wp_footer.js?ver=1665143222
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
HTML document, ASCII text, with no line terminators
Size
138 B (138 bytes)
Hash
b412c53dbbab889d81d1e68c69334553
cd8dca3410f17ad3d8ea35a3f3019cc2bddfddcb
b3858758ae51540bcabdcab5c2350c2fce2772880cf4504d5e1b00943fd4ce04

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/wtfdivi/en/wp_footer.js?ver=1665143222 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: application/javascript
Last-Modified: Tue, 07 Nov 2023 05:49:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6549cfe1-d4"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=38972e89150019b73122a99561a42155

209.182.204.177

200 OK

521 B

URL GET HTTP/1.1
f2f.org/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=38972e89150019b73122a99561a42155
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (1191), with no line terminators
Size
521 B (521 bytes)
Hash
51300497928562f8c86c7aaba99237cd
e5826832b85c6afc6502b74cbb8ac5394b04c363
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=38972e89150019b73122a99561a42155 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: application/javascript
Last-Modified: Sat, 09 Apr 2022 08:07:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62513eb6-4a7"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=38972e89150019b73122a99561a42155

209.182.204.177

200 OK

502 B

URL GET HTTP/1.1
f2f.org/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=38972e89150019b73122a99561a42155
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
HTML document, ASCII text, with very long lines (1107), with no line terminators
Size
502 B (502 bytes)
Hash
8a5c9689ae636c452b6808740ba04136
8d2c85d7779d00c12aeb6b55a99443952d9a144e
79cb399203843f65199bec32bc4abac5dfd20f141d3e4ec1424bf00c7108fa45

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=38972e89150019b73122a99561a42155 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: application/javascript
Last-Modified: Wed, 29 Mar 2023 20:31:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6424a012-453"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://f2f.org/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48208, version 1.0\012- data
Size
48 kB (48208 bytes)
Hash
c49b7c3643f781d71645c5a40a78b5bf
e71138026b38afc443fb60da5ffc2244c4f5eb11
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

HTTP Headers

GET /s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://f2f.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48208
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 16:02:45 GMT
expires: Fri, 06 Dec 2024 16:02:45 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
content-type: font/woff2
age: 78064
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://f2f.org/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 33092, version 1.0\012- data
Size
33 kB (33092 bytes)
Hash
057478083c1d55ea0c2182b24f6dd72f
caf557cd276a76992084efc4c8857b66791a6b7f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

HTTP Headers

GET /s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://f2f.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33092
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 23:21:56 GMT
expires: Fri, 06 Dec 2024 23:21:56 GMT
cache-control: public, max-age=31536000
age: 51713
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://f2f.org/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14712, version 1.0\012- data
Size
15 kB (14712 bytes)
Hash
3afeae0d768769f5e5f30ac9805c5b70
3ada17c2b462db3e7a1fd85c3f4670dfe7704f4d
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

HTTP Headers

GET /s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://f2f.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14712
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:49:50 GMT
expires: Fri, 06 Dec 2024 15:49:50 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
content-type: font/woff2
age: 78839
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://f2f.org/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14892, version 1.0\012- data
Size
15 kB (14892 bytes)
Hash
9ec6deaf6bada919e20b98f9f7b718b1
501d36403ad8205e4644532600019ecb10f5cb0a
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

HTTP Headers

GET /s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://f2f.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:45:41 GMT
expires: Fri, 06 Dec 2024 15:45:41 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
content-type: font/woff2
age: 79088
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

f2f.org/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17

209.182.204.177

200 OK

39 kB

URL GET HTTP/1.1
f2f.org/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (65266)
Size
39 kB (38575 bytes)
Hash
e53ec3d6e21be78115810135f5e956fe
523892839b88351523e0498ba881c4431197b54e
b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: application/javascript
Last-Modified: Fri, 30 Sep 2022 02:21:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63365296-26935"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/uploads/2023/06/home-blurbs-kiosks.jpg

209.182.204.177

200 OK

43 kB

URL GET HTTP/1.1
f2f.org/wp-content/uploads/2023/06/home-blurbs-kiosks.jpg
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
JPEG image data, progressive, precision 8, 360x240, components 3\012- data
Size
43 kB (43330 bytes)
Hash
59ee9855b4972a719317af49f715a027
f7845fbcc28a44893e9e0d56d85a860bef0541a0
335499a67d94eedf9e2e93315de9a336b6eccad59522e8b7b6edd987b7b1484f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/06/home-blurbs-kiosks.jpg HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: image/jpeg
Content-Length: 43330
Last-Modified: Wed, 14 Jun 2023 03:36:02 GMT
Connection: keep-alive
ETag: "648935a2-a942"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Accept-Ranges: bytes

f2f.org/wp-content/uploads/2019/07/SDRI-1080-1054.jpg

209.182.204.177

200 OK

200 kB

URL GET HTTP/1.1
f2f.org/wp-content/uploads/2019/07/SDRI-1080-1054.jpg
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=14, height=3456, bps=0, PhotometricIntepretation=RGB, description=large group of friends together in a park having fun; Shutterstock ID 439061860; PO: 302522121; Client: e2011e02-40d4-4dc3-976a, orientation=upper-left, width=4608], baseline, precision 8, 1080x720, components 3\012- data
Size
200 kB (200153 bytes)
Hash
a91c6a2b736fcdf96145dca7ad86e6b1
1c3c2bea222f268d26afe3a958e0d55a9eb4a72d
559b377e421c3ef67627502fc88fe8a1d303a308218552db2995437b2829fbcc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/07/SDRI-1080-1054.jpg HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Cookie: _ga_3KDK0TQSYW=GS1.1.1702043035.1.0.1702043035.0.0.0; _ga=GA1.1.156111510.1702043036
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: image/jpeg
Content-Length: 200153
Last-Modified: Thu, 25 Jul 2019 17:21:12 GMT
Connection: keep-alive
ETag: "5d39e508-30dd9"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Accept-Ranges: bytes

f2f.org/wp-content/et-cache/50397/et-divi-dynamic-50397-late.css

209.182.204.177

200 OK

2.2 kB

URL GET HTTP/1.1
f2f.org/wp-content/et-cache/50397/et-divi-dynamic-50397-late.css
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (16772)
Size
2.2 kB (2152 bytes)
Hash
c93f2d4d57113d7f48590b1323d59a44
a62136de336f48a1821fe077bbd3517242252647
addbd44bcf379794563933934c845168f29b24e969d56acabe6229063cb7d23f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/et-cache/50397/et-divi-dynamic-50397-late.css HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Cookie: _ga_3KDK0TQSYW=GS1.1.1702043035.1.0.1702043035.0.0.0; _ga=GA1.1.156111510.1702043036
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: text/css
Last-Modified: Thu, 07 Dec 2023 21:49:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65723e03-4fad"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/uploads/2023/01/f2f-logo-40-years-90.jpg

209.182.204.177

200 OK

15 kB

URL GET HTTP/1.1
f2f.org/wp-content/uploads/2023/01/f2f-logo-40-years-90.jpg
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
JPEG image data, progressive, precision 8, 280x85, components 3\012- data
Size
15 kB (15329 bytes)
Hash
75c3e236577bbfd600e82c7e7a4cf9af
fd26218afd25466c57a64842be9e9ee89690f0de
397e7d26e8badb7fd4c6597eb1c54ce9fb5fc625ed62e45629168c9357c1ed43

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/01/f2f-logo-40-years-90.jpg HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: image/jpeg
Content-Length: 15329
Last-Modified: Wed, 04 Jan 2023 20:33:21 GMT
Connection: keep-alive
ETag: "63b5e291-3be1"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Accept-Ranges: bytes

f2f.org/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff

209.182.204.177

200 OK

92 kB

URL GET HTTP/1.1
f2f.org/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
Web Open Font Format, TrueType, length 92084, version 2.4\012- data
Size
92 kB (92084 bytes)
Hash
4f7c51948ce1b802a13ebbccec151d0c
5b1d3cd0929108da4b6334c4a487db08c9520f1d
fe67b77ac7e0ef4b482dafb86adfa403db1b89a2f337d2dc8bd1278cfe975196

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/wp-content/et-cache/50397/et-divi-dynamic-50397-late.css?ver=1701985734
Cookie: _ga_3KDK0TQSYW=GS1.1.1702043035.1.0.1702043035.0.0.0; _ga=GA1.1.156111510.1702043036
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: font/woff
Content-Length: 92084
Last-Modified: Tue, 07 Nov 2023 05:51:52 GMT
Connection: keep-alive
ETag: "6549d078-167b4"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Accept-Ranges: bytes

f2f.org/wp-content/uploads/2023/11/SFGMC-Holiday-Spectacular-Square-Graphic-from-Website.jpg

209.182.204.177

200 OK

137 kB

URL GET HTTP/1.1
f2f.org/wp-content/uploads/2023/11/SFGMC-Holiday-Spectacular-Square-Graphic-from-Website.jpg
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
JPEG image data, progressive, precision 8, 720x720, components 3\012- data
Size
137 kB (137062 bytes)
Hash
e5af9dd057e5323246dd99d51a643646
5d4fc6533056346b965f1eb9c89c3464d9f8c590
18482ad10b058f1320c1390b73fd5861128abd18e1e99a0c92ec37c8462ac82d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2023/11/SFGMC-Holiday-Spectacular-Square-Graphic-from-Website.jpg HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:49 GMT
Content-Type: image/jpeg
Content-Length: 137062
Last-Modified: Tue, 28 Nov 2023 22:19:12 GMT
Connection: keep-alive
ETag: "65666760-21766"
Expires: Fri, 15 Dec 2023 13:43:49 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Accept-Ranges: bytes

beerfestthegoodone.f2f.org/

209.182.204.177

301 Moved Permanently

0 B

URL User Request GET HTTP/1.1
beerfestthegoodone.f2f.org/
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: beerfestthegoodone.f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:50 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Redirect-By: WordPress
Location: https://f2f.org/
X-Proxy-Cache: MISS

f2f.org/wp-content/uploads/2019/09/home-blurbs-prevention.jpg

209.182.204.177

200 OK

60 kB

URL GET HTTP/1.1
f2f.org/wp-content/uploads/2019/09/home-blurbs-prevention.jpg
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Macintosh), datetime=2019:09:03 22:24:57], baseline, precision 8, 360x240, components 3\012- data
Size
60 kB (59993 bytes)
Hash
dea38bbf437a003e98efd7addc1fc953
560df1ab3cc783dbdfc0a571749af5309b4f8601
10e6c1c8251be6e05154f4b45158a1f324ca993f3035c0e580334467ccfec954

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/09/home-blurbs-prevention.jpg HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:50 GMT
Content-Type: image/jpeg
Content-Length: 59993
Last-Modified: Fri, 07 Oct 2022 21:21:40 GMT
Connection: keep-alive
ETag: "63409864-ea59"
Expires: Fri, 15 Dec 2023 13:43:50 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Accept-Ranges: bytes

f2f.org/wp-content/uploads/2019/09/home-blurb-ssp.jpg

209.182.204.177

200 OK

32 kB

URL GET HTTP/1.1
f2f.org/wp-content/uploads/2019/09/home-blurb-ssp.jpg
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Macintosh), datetime=2019:09:03 22:22:35], baseline, precision 8, 360x240, components 3\012- data
Size
32 kB (31980 bytes)
Hash
21007c9f11292dd4192cd445043e5987
247f367e180fcb21b414f780b3cc850b00bc2436
536999366c683fd9a810bb11dc86ce1a16aed767c0bb19e2145bc3a55925ed71

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/09/home-blurb-ssp.jpg HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:50 GMT
Content-Type: image/jpeg
Content-Length: 31980
Last-Modified: Fri, 07 Oct 2022 21:21:40 GMT
Connection: keep-alive
ETag: "63409864-7cec"
Expires: Fri, 15 Dec 2023 13:43:50 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Accept-Ranges: bytes

f2f.org/wp-content/uploads/2019/09/home-blurb-housing.jpg

209.182.204.177

200 OK

34 kB

URL GET HTTP/1.1
f2f.org/wp-content/uploads/2019/09/home-blurb-housing.jpg
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Macintosh), datetime=2019:09:03 22:25:44], baseline, precision 8, 360x240, components 3\012- data
Size
34 kB (33560 bytes)
Hash
125e5a50c67e255f38db2d8fdf69b386
40216e8161538dcc847bfb2acbe7887b83cd309f
839303a68d13242596b20ef9865ea34bf1b6993746b6197e1aebdc2eb1fb805b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/09/home-blurb-housing.jpg HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:50 GMT
Content-Type: image/jpeg
Content-Length: 33560
Last-Modified: Fri, 07 Oct 2022 21:21:40 GMT
Connection: keep-alive
ETag: "63409864-8318"
Expires: Fri, 15 Dec 2023 13:43:50 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Accept-Ranges: bytes

f2f.org/wp-content/uploads/2019/09/home-blurb-resources.jpg

209.182.204.177

200 OK

40 kB

URL GET HTTP/1.1
f2f.org/wp-content/uploads/2019/09/home-blurb-resources.jpg
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Macintosh), datetime=2019:09:03 22:23:22], baseline, precision 8, 360x240, components 3\012- data
Size
40 kB (40468 bytes)
Hash
a4f41b0aaabdc88251e4de797f888c0a
1cf229caae59691f418086d4aa31dbd12c72d76d
340d71b6ca4bb4ff05e0fe0b6b1b1290e3702c128d7221bdfe9b38062ea42c02

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/09/home-blurb-resources.jpg HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:50 GMT
Content-Type: image/jpeg
Content-Length: 40468
Last-Modified: Fri, 07 Oct 2022 21:21:40 GMT
Connection: keep-alive
ETag: "63409864-9e14"
Expires: Fri, 15 Dec 2023 13:43:50 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Accept-Ranges: bytes

f2f.org/wp-content/uploads/2021/11/van-solo-450.png

209.182.204.177

200 OK

63 kB

URL GET HTTP/1.1
f2f.org/wp-content/uploads/2021/11/van-solo-450.png
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
PNG image data, 400 x 200, 8-bit/color RGBA, non-interlaced\012- data
Size
63 kB (63332 bytes)
Hash
132b149e6628611a3a5d0756a4e1bd45
372e89ad82455c7e57eac9d1a0fb3393816e8c36
a6237e1417ac99868830bf4c85edb8b47bd21619b60457c90bb9e7fe2d6092a5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/11/van-solo-450.png HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:50 GMT
Content-Type: image/png
Content-Length: 63332
Last-Modified: Fri, 19 Nov 2021 18:42:32 GMT
Connection: keep-alive
ETag: "6197f018-f764"
Expires: Fri, 15 Dec 2023 13:43:50 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Accept-Ranges: bytes

f2f.org/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=8.3.1

209.182.204.177

200 OK

1.2 kB

URL GET HTTP/1.1
f2f.org/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=8.3.1
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (7043), with no line terminators
Size
1.2 kB (1151 bytes)
Hash
29ed0396622780590223cd919f310dd7
037c8e8f9e571f763c222c8517ac5ca84018bc5e
401373c6cddfc333e45314482184906a357ae96d1fccd5ef6c40d8b7656e7349

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=8.3.1 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Cookie: _ga_3KDK0TQSYW=GS1.1.1702043035.1.0.1702043035.0.0.0; _ga=GA1.1.156111510.1702043036
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:50 GMT
Content-Type: text/css
Last-Modified: Tue, 28 Nov 2023 05:29:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"65657ad0-1b83"
Expires: Fri, 15 Dec 2023 13:43:50 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/uploads/flags/flag-us-16.png

209.182.204.177

200 OK

701 B

URL GET HTTP/1.1
f2f.org/wp-content/uploads/flags/flag-us-16.png
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
PNG image data, 16 x 12, 8-bit colormap, non-interlaced\012- data
Size
701 B (701 bytes)
Hash
929868da6967004a92e6a9e55ac658fb
e9ac5927f7c6c513e874c0d4fdfc2520f61b1f1f
44ad3304bdb7b88cfb8760cb071237ff9eff60355b7b3c2f9bc15f3bf38a111e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/flags/flag-us-16.png HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:50 GMT
Content-Type: image/png
Content-Length: 701
Last-Modified: Tue, 22 Nov 2022 21:01:51 GMT
Connection: keep-alive
ETag: "637d38bf-2bd"
Expires: Fri, 15 Dec 2023 13:43:50 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Accept-Ranges: bytes

f2f.org/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff

209.182.204.177

200 OK

92 kB

URL GET HTTP/1.1
f2f.org/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
Web Open Font Format, TrueType, length 92084, version 2.4\012- data
Size
92 kB (92084 bytes)
Hash
4f7c51948ce1b802a13ebbccec151d0c
5b1d3cd0929108da4b6334c4a487db08c9520f1d
fe67b77ac7e0ef4b482dafb86adfa403db1b89a2f337d2dc8bd1278cfe975196

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/wp-content/et-cache/50397/et-divi-dynamic-50397-late.css?ver=1701985734
Cookie: _ga_3KDK0TQSYW=GS1.1.1702043035.1.0.1702043035.0.0.0; _ga=GA1.1.156111510.1702043036
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:50 GMT
Content-Type: font/woff
Content-Length: 92084
Last-Modified: Tue, 07 Nov 2023 05:51:52 GMT
Connection: keep-alive
ETag: "6549d078-167b4"
Expires: Fri, 15 Dec 2023 13:43:50 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Accept-Ranges: bytes

f2f.org/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff

209.182.204.177

200 OK

92 kB

URL GET HTTP/1.1
f2f.org/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
Web Open Font Format, TrueType, length 92084, version 2.4\012- data
Size
92 kB (92084 bytes)
Hash
4f7c51948ce1b802a13ebbccec151d0c
5b1d3cd0929108da4b6334c4a487db08c9520f1d
fe67b77ac7e0ef4b482dafb86adfa403db1b89a2f337d2dc8bd1278cfe975196

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Cookie: _ga_3KDK0TQSYW=GS1.1.1702043035.1.0.1702043035.0.0.0; _ga=GA1.1.156111510.1702043036
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:50 GMT
Content-Type: font/woff
Content-Length: 92084
Last-Modified: Tue, 07 Nov 2023 05:51:52 GMT
Connection: keep-alive
ETag: "6549d078-167b4"
Expires: Fri, 15 Dec 2023 13:43:50 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Accept-Ranges: bytes

f2f.org/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff

209.182.204.177

200 OK

92 kB

URL GET HTTP/1.1
f2f.org/wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
Web Open Font Format, TrueType, length 92084, version 2.4\012- data
Size
92 kB (92084 bytes)
Hash
4f7c51948ce1b802a13ebbccec151d0c
5b1d3cd0929108da4b6334c4a487db08c9520f1d
fe67b77ac7e0ef4b482dafb86adfa403db1b89a2f337d2dc8bd1278cfe975196

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/Divi/core/admin/fonts/modules/all/modules.woff HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/wp-content/et-cache/50397/et-divi-dynamic-50397-late.css
Cookie: _ga_3KDK0TQSYW=GS1.1.1702043035.1.0.1702043035.0.0.0; _ga=GA1.1.156111510.1702043036
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:50 GMT
Content-Type: font/woff
Content-Length: 92084
Last-Modified: Tue, 07 Nov 2023 05:51:52 GMT
Connection: keep-alive
ETag: "6549d078-167b4"
Expires: Fri, 15 Dec 2023 13:43:50 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Accept-Ranges: bytes

f2f.org/wp-includes/css/dist/block-library/style.min.css?ver=38972e89150019b73122a99561a42155

209.182.204.177

200 OK

15 kB

URL GET HTTP/1.1
f2f.org/wp-includes/css/dist/block-library/style.min.css?ver=38972e89150019b73122a99561a42155
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
ASCII text, with very long lines (57084)
Size
15 kB (14727 bytes)
Hash
99ab466e0866c823ae5db517d59cebd1
5595a586cbd42b31377681b9d35293278d75d336
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=38972e89150019b73122a99561a42155 HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Cookie: _ga_3KDK0TQSYW=GS1.1.1702043035.1.0.1702043035.0.0.0; _ga=GA1.1.156111510.1702043036
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:50 GMT
Content-Type: text/css
Last-Modified: Tue, 21 Nov 2023 05:47:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"655c4485-1add3"
Expires: Fri, 15 Dec 2023 13:43:50 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Content-Encoding: br

f2f.org/wp-content/uploads/flags/flag-mx-16.png

209.182.204.177

200 OK

490 B

URL GET HTTP/1.1
f2f.org/wp-content/uploads/flags/flag-mx-16.png
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
PNG image data, 16 x 12, 8-bit colormap, non-interlaced\012- data
Size
490 B (490 bytes)
Hash
6337256c489cc59e54692e5f8262da8e
e34561a918db9b104ed91e944c36ae8fc9c3e2ce
4e2c812edf166c08066dbbe6c75f2f05ecff2374c480edd82d609da6be1777f4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/flags/flag-mx-16.png HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:50 GMT
Content-Type: image/png
Content-Length: 490
Last-Modified: Tue, 22 Nov 2022 21:01:51 GMT
Connection: keep-alive
ETag: "637d38bf-1ea"
Expires: Fri, 15 Dec 2023 13:43:50 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Accept-Ranges: bytes

f2f.org/wp-content/uploads/2019/09/home-blurb-ribbon.jpg

209.182.204.177

200 OK

30 kB

URL GET HTTP/1.1
f2f.org/wp-content/uploads/2019/09/home-blurb-ribbon.jpg
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Macintosh), datetime=2019:09:03 21:51:38], baseline, precision 8, 360x240, components 3\012- data
Size
30 kB (29850 bytes)
Hash
3315f6f311d2ce9a4210cdebe517857b
ec70c5c247b2cabe8827b68750efcf6554695f74
cc6d07084711b0c2baaff50cd582aab48b0c9c553ebe601867d0d072941da06a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/09/home-blurb-ribbon.jpg HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:50 GMT
Content-Type: image/jpeg
Content-Length: 29850
Last-Modified: Fri, 07 Oct 2022 21:21:40 GMT
Connection: keep-alive
ETag: "63409864-749a"
Expires: Fri, 15 Dec 2023 13:43:50 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Accept-Ranges: bytes

f2f.org/wp-content/uploads/2019/09/home-blurb-prep.jpg

209.182.204.177

200 OK

24 kB

URL GET HTTP/1.1
f2f.org/wp-content/uploads/2019/09/home-blurb-prep.jpg
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Macintosh), datetime=2019:09:03 22:24:25], baseline, precision 8, 360x240, components 3\012- data
Size
24 kB (24518 bytes)
Hash
a49425a961d47855fa71cf477ba668e4
25f1ac55ce1350ae0acc78fa5426b5ac14695152
13a55c5bb7012c69c5963ae058539054ab9488cafd806e2ff7e8381cd0f1279c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/09/home-blurb-prep.jpg HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:50 GMT
Content-Type: image/jpeg
Content-Length: 24518
Last-Modified: Fri, 07 Oct 2022 21:21:40 GMT
Connection: keep-alive
ETag: "63409864-5fc6"
Expires: Fri, 15 Dec 2023 13:43:50 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Accept-Ranges: bytes

f2f.org/wp-content/uploads/2021/11/swoosh-rainbow-1080.jpg

209.182.204.177

200 OK

108 kB

URL GET HTTP/1.1
f2f.org/wp-content/uploads/2021/11/swoosh-rainbow-1080.jpg
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.4 (Macintosh), datetime=2021:11:16 17:04:35], progressive, precision 8, 1080x492, components 3\012- data
Size
108 kB (108074 bytes)
Hash
96f29c8f92b5a878dabad9b1cf2f20e9
938634707896452c0ae7a8aaecbe31d316a65b8b
8f665bdf374a1e281dc674dcf2dc7ff0063f6c802182673d8e7070b47e578fed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/11/swoosh-rainbow-1080.jpg HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/wp-content/et-cache/50397/et-core-unified-deferred-50397.min.css?ver=1701386399
Cookie: _ga_3KDK0TQSYW=GS1.1.1702043035.1.0.1702043035.0.0.0; _ga=GA1.1.156111510.1702043036
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:50 GMT
Content-Type: image/jpeg
Content-Length: 108074
Last-Modified: Thu, 18 Nov 2021 16:17:38 GMT
Connection: keep-alive
ETag: "61967ca2-1a62a"
Expires: Fri, 15 Dec 2023 13:43:50 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Accept-Ranges: bytes

f2f.org/wp-content/uploads/2022/11/f2f-bohemian-on-the-move.jpg

209.182.204.177

200 OK

136 kB

URL GET HTTP/1.1
f2f.org/wp-content/uploads/2022/11/f2f-bohemian-on-the-move.jpg
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
JPEG image data, progressive, precision 8, 795x530, components 3\012- data
Size
136 kB (135866 bytes)
Hash
f45f440b4ffc7734ff56a1f519ae2412
354b6ddeba37fcf363aa5846c042a15c2a4431cc
945dd2aee7bc67f7c0ad5bd6f84e1f39bee8d5498e48ccf9b4d47017108af10b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/11/f2f-bohemian-on-the-move.jpg HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Cookie: _ga_3KDK0TQSYW=GS1.1.1702043035.1.0.1702043035.0.0.0; _ga=GA1.1.156111510.1702043036
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:50 GMT
Content-Type: image/jpeg
Content-Length: 135866
Last-Modified: Sat, 19 Nov 2022 00:44:48 GMT
Connection: keep-alive
ETag: "63782700-212ba"
Expires: Fri, 15 Dec 2023 13:43:50 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Accept-Ranges: bytes

f2f.org/wp-content/uploads/2019/08/AFL-2019-Invite-800-2.jpg

209.182.204.177

200 OK

119 kB

URL GET HTTP/1.1
f2f.org/wp-content/uploads/2019/08/AFL-2019-Invite-800-2.jpg
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Macintosh), datetime=2019:08:16 08:04:55], baseline, precision 8, 800x587, components 3\012- data
Size
119 kB (119086 bytes)
Hash
e4f1b5b461344ab4d0a11d5ad07fa3d1
da45b0e1fd7da4e53d79491d80ef772ccce4cae7
7284b2827b3256d2a21a7d72b103d1fe9ea702a40b85217963a6c04ab2a81668

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2019/08/AFL-2019-Invite-800-2.jpg HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Cookie: _ga_3KDK0TQSYW=GS1.1.1702043035.1.0.1702043035.0.0.0; _ga=GA1.1.156111510.1702043036
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:50 GMT
Content-Type: image/jpeg
Content-Length: 119086
Last-Modified: Thu, 03 Nov 2022 00:42:28 GMT
Connection: keep-alive
ETag: "63630e74-1d12e"
Expires: Fri, 15 Dec 2023 13:43:50 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Accept-Ranges: bytes

f2f.org/wp-content/uploads/2022/11/cropped-cropped-favicon-512-1-192x192.jpg

209.182.204.177

200 OK

3.7 kB

URL GET HTTP/1.1
f2f.org/wp-content/uploads/2022/11/cropped-cropped-favicon-512-1-192x192.jpg
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 192x192, components 3\012- data
Size
3.7 kB (3710 bytes)
Hash
269d350daf720bcfa51e365b1541e8da
ccff5ed50907ca8b87afad9ff81b499ccab8011d
92ecb76197904774eb54c162e20d106389afb25897baa67baffe599e83b1e6c7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/11/cropped-cropped-favicon-512-1-192x192.jpg HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Cookie: _ga_3KDK0TQSYW=GS1.1.1702043035.1.0.1702043035.0.0.0; _ga=GA1.1.156111510.1702043036
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:50 GMT
Content-Type: image/jpeg
Content-Length: 3710
Last-Modified: Wed, 16 Nov 2022 18:35:14 GMT
Connection: keep-alive
ETag: "63752d62-e7e"
Expires: Fri, 15 Dec 2023 13:43:50 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Accept-Ranges: bytes

f2f.org/wp-content/uploads/fbrfg/favicon-16x16.png

209.182.204.177

200 OK

825 B

URL GET HTTP/1.1
f2f.org/wp-content/uploads/fbrfg/favicon-16x16.png
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Requested by
https://f2f.org/
Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
825 B (825 bytes)
Hash
184d7ca20d39fc7ebea1f2064c46c3cd
12181b34f18423f1335c6490d41947f37b8dab49
befd06be27c8132959f1b6aee298e25404702c9ca147ecd5ee34a1f504f845b2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/fbrfg/favicon-16x16.png HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Cookie: _ga_3KDK0TQSYW=GS1.1.1702043035.1.0.1702043035.0.0.0; _ga=GA1.1.156111510.1702043036
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:50 GMT
Content-Type: image/png
Content-Length: 825
Last-Modified: Wed, 16 Nov 2022 18:33:22 GMT
Connection: keep-alive
ETag: "63752cf2-339"
Expires: Fri, 15 Dec 2023 13:43:50 GMT
Cache-Control: max-age=604800, public, must-revalidate
X-Proxy-Cache: STATIC/TYPE
Accept-Ranges: bytes

f2f.org/

209.182.204.177

200 OK

61 kB

URL User Request GET HTTP/1.1
f2f.org/
IP
209.182.204.177:443
ASN
#54641 IMH-IAD

Certificate
IssuerLet's Encrypt
Subjectwww.f2f.org
Fingerprint3C:B6:26:49:23:9B:2C:43:6B:EE:C0:A9:8F:62:B4:84:7F:83:91:E2
ValiditySun, 05 Nov 2023 02:37:24 GMT - Sat, 03 Feb 2024 02:37:23 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (26333)
Size
61 kB (61381 bytes)
Hash
4f691d7d64822b01c3721a1e74bad167
65188d29599b74de02bac1ecc80b1492c3ef02a7
83084c075cbcc36e36144bd962bd83f445f952143bbdb6a576879c99928dfc9e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: f2f.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.3
Date: Fri, 08 Dec 2023 13:43:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Link: <https://f2f.org/wp-json/>; rel="https://api.w.org/", <https://f2f.org/wp-json/wp/v2/pages/50397>; rel="alternate"; type="application/json", <https://f2f.org/>; rel=shortlink
X-TEC-API-VERSION: v1
X-TEC-API-ROOT: https://f2f.org/wp-json/tribe/events/v1/
X-TEC-API-ORIGIN: https://f2f.org
X-Proxy-Cache: HIT
Content-Encoding: br

aus5.mozilla.org/update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

5.8 kB

URL
aus5.mozilla.org/update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max speed, from Unix\012- data
Size
5.8 kB (5759 bytes)
Hash
26f74a51f3a41ab81bb1600c4dff77f8
94f623e1202d4fe4243e01b574201944e21ac815
68c20496e6e0670329c0a07f07d26fa6c870903c3c5f0f5082d8f6a09373be62

HTTP Headers

GET /update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 13:44:02 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-01-19-16-42-22.chain; p384ecdsa=CD0aVjDH0t_ps6yaPgjkXC63P4nQjhny-Bi1v_EEwUBJzdBTxpnf68qgCulbOyrqjyHJfViswY1Vaf4t0yh_uGkGJwxnyfIJX6t6vtLcJBIkPlpB3d1GPy7I51nes2wD
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip

62.115.252.115

512 kB

URL
ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
IP
62.115.252.115:0
ASN
#1299 Telia Company AB

File type
Zip archive data, at least v2.0 to extract, compression method=deflate\012- data
Size
512 kB (511815 bytes)
Hash
152eda253e242e18443ef3282495bc7c
ff0fa85565f21ec4931baad4573b4c0bd08c4019
8e03090fee16f6e0ee2e436af8e51d0c3deed6d9f0db80dec048e668fc009a48

HTTP Headers

GET /openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1
Host: ciscobinary.openh264.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Last-Modified: Thu, 16 Nov 2023 07:38:15 GMT
ETag: 152eda253e242e18443ef3282495bc7c
Content-Length: 511815
Accept-Ranges: bytes
X-Timestamp: 1700120294.87662
Content-Type: application/zip
X-Trans-Id: tx15b69f172b404fa58b2bb-006555fb11dfw1
Cache-Control: public, max-age=102495
Expires: Sat, 09 Dec 2023 18:12:17 GMT
Date: Fri, 08 Dec 2023 13:44:02 GMT
Connection: keep-alive

stats.wp.com/w.js?ver=202349

192.0.76.3

200 OK

4.9 kB

URL GET HTTP/2
stats.wp.com/w.js?ver=202349
IP
192.0.76.3:443
ASN
#2635 AUTOMATTIC

Requested by
https://f2f.org/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (11119), with no line terminators
Size
4.9 kB (4916 bytes)
Hash
1ac0848d5bceb8555feaf98f8fb860cb
117dcc305a16fbf0f0ef2d173c3c52adfa816047
585d4af3a08847a4604f8796b4841ebf7eaec7211606cc954f88dc9f27c72b28

HTTP Headers

GET /w.js?ver=202349 HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 08 Dec 2023 13:43:47 GMT
content-type: application/javascript
vary: Accept-Encoding
x-minify: t
x-minify-cache: hit
etag: W/11154-1698845935987.3887
content-encoding: br
expires: Wed, 27 Nov 2024 16:32:01 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Nunito+Sans:200,300,400,600,700,800,900&display=swap

216.58.211.10

200 OK

16 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Nunito+Sans:200,300,400,600,700,800,900&display=swap
IP
216.58.211.10:443
ASN
#15169 GOOGLE

Requested by
https://f2f.org/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text
Size
16 kB (15778 bytes)
Hash
496f49d7f3867ac209849bf5054e079f
7d8a9a8d5afdf49317be565f62c67ee29427e9a1
72ff298267e754adfb0a982f1628529f62beb79b9a1b6c517e166e6b9077577d

HTTP Headers

GET /css?family=Nunito+Sans:200,300,400,600,700,800,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://f2f.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 08 Dec 2023 13:43:48 GMT
date: Fri, 08 Dec 2023 13:43:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdn.acsbapp.com/config/f2f.org/config.json

104.22.1.204

200 OK

163 B

URL GET HTTP/2
cdn.acsbapp.com/config/f2f.org/config.json
IP
104.22.1.204:443
ASN
#13335 CLOUDFLARENET

Requested by
https://f2f.org/
Certificate
IssuerGoogle Trust Services LLC
Subjectacsbapp.com
Fingerprint36:8E:00:28:16:05:4E:E0:25:C6:B8:CA:7C:F6:07:92:BE:A3:75:0D
ValiditySat, 28 Oct 2023 05:30:21 GMT - Fri, 26 Jan 2024 05:30:20 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
163 B (163 bytes)
Hash
154fa0e13437604932f71baf738b745a
9cf2a66f59911dc51041f4a03d0613bdd81f4d98
857beee65494fb21ebb9ce2a043b7c9dc53c9327a29d2d6f34ae1fb98aab5c23

HTTP Headers

GET /config/f2f.org/config.json HTTP/1.1
Host: cdn.acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://f2f.org/
Origin: https://f2f.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 08 Dec 2023 13:43:49 GMT
content-type: application/json
x-guploader-uploadid: ABPtcPpbe1ur7DuBdkk0SsaVQI440xjrdxZT-fs9_I7EPu8TVdZnCLfUmin4YYnkfulJK9qoiBhH8qiPKQ
x-goog-generation: 1693581363397495
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 163
x-goog-hash: crc32c=jqACig==, md5=nDmP+sFOqOWj1uLjrFjOPQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sat, 07 Dec 2024 13:43:35 GMT
cache-control: public, max-age=300, must-revalidate
last-modified: Fri, 01 Sep 2023 15:16:03 GMT
etag: W/"9c398ffac14ea8e5a3d6e2e3ac58ce3d"
age: 14
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 832570894e4fb500-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

JavaScript (84)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash