| xf0.me/avatar2.png | 188.114.96.1 | 200 OK | 157 kB |
IP: 188.114.96.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: xf0.me; Fingerprint: 5E:25:42:8C:FA:D7:54:3C:18:80:43:A6:E8:DA:00:62:98:0D:E3:5E; Validity: Fri, 05 Apr 2024 14:08:47 GMT - Thu, 04 Jul 2024 14:08:46 GMT
File type: PNG image data, 446 x 559, 8-bit/color RGBA, non-interlaced; Size: 157 kB (157182 bytes); Hash: c4fcd37e666317ee1ad0eae06185f2f2 51368ab9491b76ccc2eb5e3b2aa80dfbb7f170db 876170262ba743c1d3f0899bd59426601ca2089f477db5b46a4daa670c2d394a
GET /avatar2.png HTTP/1.1
Host: xf0.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xf0.me/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:38 GMT
content-type: image/png
content-length: 157182
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "327f84adb95ccb484bcd3a6968583505"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Di1Ya2%2BUFAzDdCE1SX7WooTacucKicDKqZvyfc4zA2NvZlhpAUTPIMc2jXnSdPVnMe4fr67lVQQA00a9Axo4BJC9Y4J7qjetg98c5q1QDfCAwGoIO5dCSXg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 881caa54cb96b4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xf0.me/reconbulk.png | 188.114.96.1 | 200 OK | 117 kB |
IP: 188.114.96.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: xf0.me; Fingerprint: 5E:25:42:8C:FA:D7:54:3C:18:80:43:A6:E8:DA:00:62:98:0D:E3:5E; Validity: Fri, 05 Apr 2024 14:08:47 GMT - Thu, 04 Jul 2024 14:08:46 GMT
File type: PNG image data, 1188 x 500, 8-bit/color RGBA, non-interlaced; Size: 117 kB (117410 bytes); Hash: 1b007e949b0d4e59bc736fbac8ea0df7 f93b8a3f85691072ef56671bee6e5a39b2604645 6df1baba9481919534608f3d16d0baa2ff1d8e8fcd71f3d61a483d199bba1dd1
GET /reconbulk.png HTTP/1.1
Host: xf0.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xf0.me/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:38 GMT
content-type: image/png
content-length: 117410
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "3965ac817376a197c28c7d3d9028847a"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rh4mQ%2FQvPoC2ww99%2BXNWjbz831GThnr8mgDqNbsk93Eo1zg2K1uPE%2F4UKz%2BIzKj1QKFreyaKyT46QCkg7VQrnV4arQXx4D9c4axq9rjy9VXcTF99v63dHzU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 881caa54dbb3b4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xf0.me/bug1.png | 188.114.96.1 | 200 OK | 124 kB |
IP: 188.114.96.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: xf0.me; Fingerprint: 5E:25:42:8C:FA:D7:54:3C:18:80:43:A6:E8:DA:00:62:98:0D:E3:5E; Validity: Fri, 05 Apr 2024 14:08:47 GMT - Thu, 04 Jul 2024 14:08:46 GMT
File type: PNG image data, 1188 x 500, 8-bit/color RGBA, non-interlaced; Size: 124 kB (124084 bytes); Hash: 2a42be22bf6dd4bd8364277f856c8203 f5f17b72d2e43a69be08e3661aebd93d8edb0f67 83a588b26c42b35da732d24a1c0cda2eb332e2180acdc4a6463a7c7157ed6cf1
GET /bug1.png HTTP/1.1
Host: xf0.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xf0.me/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:38 GMT
content-type: image/png
content-length: 124084
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "70c46a72109d21a02e978df3a8eabcd6"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NWKH%2BfL%2BvC1MpXXOSQORHGuYSspyaZRA2Gi1xDIhhK97k6PHv2fE7uEI9TfdDTIOc2aKjPZaWdxgj8mt1lqHjr4PId8q6VrJT%2FbzyAExExqlAdGgncz4DdU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 881caa54dbb5b4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xf0.me/newsletter.svg | 188.114.96.1 | 200 OK | 793 B |
IP: 188.114.96.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: xf0.me; Fingerprint: 5E:25:42:8C:FA:D7:54:3C:18:80:43:A6:E8:DA:00:62:98:0D:E3:5E; Validity: Fri, 05 Apr 2024 14:08:47 GMT - Thu, 04 Jul 2024 14:08:46 GMT
File type: gzip compressed data, from Unix; Hash: 94753165d853ecde9b39a496756fef52 81fa6a3b0dd0ead51026f465277a33db3385cfa2 49bd638664a589542d313e523eb617e222426275ca8afd4dfcf3d987e85f9021
GET /newsletter.svg HTTP/1.1
Host: xf0.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xf0.me/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:38 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"0b6b3bdd75b0f8c2317acf5464e9912b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xAHoW%2B%2BbMB0zloFaXLDxilW3xn0AJ4lBn2kLszRQdIjcbytOnR1jaeHlugQ1vsrx%2F0pJezPCUSjujoyWjEmyb6HaoMRoogWR1DAH%2BfF92v1c%2B43R%2Fc3ZUgE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 881caa54dbc0b4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xf0.me/bug.svg | 188.114.96.1 | 200 OK | 5.0 kB |
IP: 188.114.96.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: xf0.me; Fingerprint: 5E:25:42:8C:FA:D7:54:3C:18:80:43:A6:E8:DA:00:62:98:0D:E3:5E; Validity: Fri, 05 Apr 2024 14:08:47 GMT - Thu, 04 Jul 2024 14:08:46 GMT
File type: gzip compressed data, from Unix; Hash: 8f296736fb1a0e0674d3cdfbf5667cb2 9b166ab00ee9f705260cb2e75e979f236f706619 7179e2b4bd22feeb2239b19910540181708274c6e138a87100141f7b064958bd
GET /bug.svg HTTP/1.1
Host: xf0.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xf0.me/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:38 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"e1ecdb7d3d204e256f014e7df5ce178d"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7B15dao49eHzEmp4r7TbM9hPvN2U%2Fzqnn%2FqzCi%2FuwIOJ0SjpVKQYkbpK8%2F9%2Fr5BgKEtUo1LCS%2FCOcp0naONFLywPAz58tz4G2i3N%2F%2FlpYSdNz7moRo8sEks%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 881caa54dbbcb4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xf0.me/linkedin.svg | 188.114.96.1 | 200 OK | 873 B |
IP: 188.114.96.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: xf0.me; Fingerprint: 5E:25:42:8C:FA:D7:54:3C:18:80:43:A6:E8:DA:00:62:98:0D:E3:5E; Validity: Fri, 05 Apr 2024 14:08:47 GMT - Thu, 04 Jul 2024 14:08:46 GMT
File type: gzip compressed data, from Unix; Hash: 6aa1d4c690cce07b4ba7fab142f257ed f16decd2b9a799f038170ab4a39cf7c8ff38abdc 22d27adac0bd804116f9a249c81fef647461326b839ea925ba422d1e6f20fea2
GET /linkedin.svg HTTP/1.1
Host: xf0.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xf0.me/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:38 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"84ae34bb9da74f7d8788876906c2fc59"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zogXcvYTemes2CR0vqFqiXsOYeabJCwOzeXsKiEsZRoT7V0vBXly3E9Tu0o8oE2Id1c%2BGW%2Bc2EAWKQK8AmyAuc%2B%2BTNtWUTr38XlPaTu9ZcYZXUzsbqga3dU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 881caa54dba4b4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xf0.me/x.svg | 188.114.96.1 | 200 OK | 801 B |
IP: 188.114.96.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: xf0.me; Fingerprint: 5E:25:42:8C:FA:D7:54:3C:18:80:43:A6:E8:DA:00:62:98:0D:E3:5E; Validity: Fri, 05 Apr 2024 14:08:47 GMT - Thu, 04 Jul 2024 14:08:46 GMT
File type: gzip compressed data, from Unix; Hash: 0dba5d9683dd243ce440d97d19536207 10abae2ee92825d2f1a31b33f786155d8a4af6e8 c31e660df2de139f2fc3548ae17fd1bbc3cbb3ed90b2dc1aa9e217a98c51de39
GET /x.svg HTTP/1.1
Host: xf0.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xf0.me/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:38 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"8d0059cadb7f0f20527876525afd80ff"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ktTp7LWJNzo1PLMvyCU3i%2B%2Bnz3jbLALWWpvfKDEepRv2a6u5Fi8Jog8gU68UGU5YUuwbSVfX7V15mNz9BjI7Tn6WuQdvlgUG4Yebl0dfQSnJAoxpaPMxDJ8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 881caa54dba2b4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 | 216.58.207.227 | 200 OK | 7.7 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2; IP: 216.58.207.227:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7748, version 1.0; Hash: a09f2fccfee35b7247b08a1a266f0328 0da2d17e738f46d2a09e6fb7969da451719a9820 cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xf0.me
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 May 2024 03:25:26 GMT
expires: Wed, 07 May 2025 03:25:26 GMT
cache-control: public, max-age=31536000
age: 320472
last-modified: Fri, 22 Mar 2024 00:01:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| xf0.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js | 188.114.96.1 | 200 OK | 14 kB |
URL: GET HTTP/3 xf0.me/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js; IP: 188.114.96.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: xf0.me; Fingerprint: 5E:25:42:8C:FA:D7:54:3C:18:80:43:A6:E8:DA:00:62:98:0D:E3:5E; Validity: Fri, 05 Apr 2024 14:08:47 GMT - Thu, 04 Jul 2024 14:08:46 GMT
File type: gzip compressed data, from Unix; Hash: 00ce9a874fa86a8feed43cd8039d166a 0ddd83e858bf6f8a0fc93db624124b3d87283e22 460a5352d96383d1a1aa26d5cd8383417e50c801c22f5f0b71d15bdabfb662e8
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: xf0.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xf0.me/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:38 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 09:31:53 GMT
etag: W/"663b4689-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2B8PWQ5dAf0geMEdNN8aFXIanR%2FNXx8QWWls97QqDIujDjcEOvIMefH7ERSOzzz0YPYvHsFZnOHiACiIMRUkZxVyoXup1P4d1lShzjvomDhtzvzD0R0XBo0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881caa54ebccb4f3-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 12 May 2024 20:26:38 GMT
cache-control: max-age=172800, public
content-encoding: gzip
|
|
| fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 | 216.58.207.227 | 200 OK | 7.8 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2; IP: 216.58.207.227:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7840, version 1.0; Hash: 8d91ec1ca2d8b56640a47117e313a3e9 a9e9bafe64666f4595051a0e895b47a5fa39e67e 78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
GET /s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xf0.me
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 05:07:49 GMT
expires: Sat, 10 May 2025 05:07:49 GMT
cache-control: public, max-age=31536000
age: 55129
last-modified: Fri, 22 Mar 2024 00:02:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| xf0.me/avatar.png | 188.114.96.1 | 200 OK | 353 kB |
IP: 188.114.96.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: xf0.me; Fingerprint: 5E:25:42:8C:FA:D7:54:3C:18:80:43:A6:E8:DA:00:62:98:0D:E3:5E; Validity: Fri, 05 Apr 2024 14:08:47 GMT - Thu, 04 Jul 2024 14:08:46 GMT
File type: PNG image data, 786 x 984, 8-bit/color RGBA, non-interlaced; Size: 353 kB (352919 bytes); Hash: 007c835efeb7e2a58fcb94fc3bd09667 6b4644595dec22468f6062179c034ffc170f5a81 3e9ed1e0afe088dc6e249b271b0c05661acf9f2f7a086a88dacc44d528867fc7
GET /avatar.png HTTP/1.1
Host: xf0.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xf0.me/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:39 GMT
content-type: image/png
content-length: 352919
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "fb1203f14cb4da98c25bb35869a85c2e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b%2Flme1UyLd3EArwrpHzA8nZAd%2Fp9cvWUqpRPVKaSlgn%2FtPvJDUZijv91nfzJc3WZzbAKSdwRp%2Fh3Qit6HYY8q3ABOvURX20by9YLN%2FjpvZKWMHfTYO17nQ0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 881caa54ebc4b4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xf0.me/favicon-16x16.png | 188.114.96.1 | 200 OK | 1.3 kB |
IP: 188.114.96.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: xf0.me; Fingerprint: 5E:25:42:8C:FA:D7:54:3C:18:80:43:A6:E8:DA:00:62:98:0D:E3:5E; Validity: Fri, 05 Apr 2024 14:08:47 GMT - Thu, 04 Jul 2024 14:08:46 GMT
File type: PNG image data, 16 x 16, 8-bit colormap, non-interlaced; Hash: 7b3b5f02bc2a582e418e236b111daa4e cfa7aebe5209e4d666eda45f14c38f84a5b99606 46429f7efb49e4a898270d70aca694b3b4c6fb3738a085aa391a02ce9c789501
GET /favicon-16x16.png HTTP/1.1
Host: xf0.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xf0.me/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:39 GMT
content-type: image/png
content-length: 1281
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "714384072cc6325ce6336b138dcfbcda"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jjZginy4rsN4YKuoIXcuV6cy5DwWj5ayVNiT2pcIxdSnxsxaq%2F8TAIYfaIukmgd5Il9VHvyml1gvfat1AOqC3hwAy9ex8%2BWizcaIPCJo3j%2FQl8quhWiC2Hk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 881caa5a49f9b4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xf0.me/apple-touch-icon.png | 188.114.96.1 | 200 OK | 11 kB |
URL: GET HTTP/3 xf0.me/apple-touch-icon.png; IP: 188.114.96.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: xf0.me; Fingerprint: 5E:25:42:8C:FA:D7:54:3C:18:80:43:A6:E8:DA:00:62:98:0D:E3:5E; Validity: Fri, 05 Apr 2024 14:08:47 GMT - Thu, 04 Jul 2024 14:08:46 GMT
File type: PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced; Hash: 5d6e29fee9328222c8fb3fc8567380e2 fe6971dfa8e6b15940fd1c7cc0738bf984593a89 3fd6c747041ec2e424770c78dfbc565632770cfca514b5ee225a8d81859f6c1f
GET /apple-touch-icon.png HTTP/1.1
Host: xf0.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xf0.me/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:39 GMT
content-type: image/png
content-length: 11237
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "b3f68dfcbcdb761f697423852cc5cc1e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cGRbWK0J5SEeq%2B9%2BF5lwkx2hDmKTKAI5g3Zr7%2FnIC3GJBkhIFa8Dc8sHkS4lsYy3ifCmQ9L6WLrTNFDJFxb7OZW%2BJPM0QvcwW4KjZkulGyS0gSAKwwlmrfM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 881caa5a49f7b4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| tally.so/_next/static/media/c9a5bc6a7c948fb0-s.p.woff2 | 188.114.97.1 | 200 OK | 47 kB |
URL: GET HTTP/3 tally.so/_next/static/media/c9a5bc6a7c948fb0-s.p.woff2; IP: 188.114.97.1:443
Requested by: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Certificate: Issuer: Google Trust Services LLC; Subject: tally.so; Fingerprint: 53:0A:04:22:C1:00:28:BE:81:A3:86:0F:27:E7:F0:7C:34:72:94:86; Validity: Tue, 23 Apr 2024 21:02:13 GMT - Mon, 22 Jul 2024 21:02:12 GMT
File type: Web Open Font Format (Version 2), TrueType, length 46552, version 1.0; Hash: 74c3556b9dad12fb76f84af53ba69410 342edef074482299f72f8f7a8862e6f908bd4137 3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/media/c9a5bc6a7c948fb0-s.p.woff2 HTTP/1.1
Host: tally.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:39 GMT
content-type: font/woff2
content-length: 46552
cache-control: public, max-age=86400, stale-while-revalidate
access-control-allow-origin: *
last-modified: Wed, 08 May 2024 15:55:33 GMT
etag: W/"b5d8-18f58eac908"
x-cloud-trace-context: 28fc9f9a3c7e26002a1feb5d683fe265
cf-cache-status: HIT
age: 52496
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JQWPW%2BtYJwGMU2Hnl8Lxx7h8SBzoNcYRP8pKd%2BnVw3PmIIwP8Srl3pCAOV3tpSJBXCotTDbSJp%2B%2FYJh8ZKKHsuXVPWaerqYu%2ByELpLZ22qMyaVAmmf1euMkGCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881caa5b2ec60b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| tally.so/_next/static/chunks/main-b131b8188e1836d4.js | 188.114.97.1 | 200 OK | 38 kB |
URL: GET HTTP/3 tally.so/_next/static/chunks/main-b131b8188e1836d4.js; IP: 188.114.97.1:443
Requested by: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Certificate: Issuer: Google Trust Services LLC; Subject: tally.so; Fingerprint: 53:0A:04:22:C1:00:28:BE:81:A3:86:0F:27:E7:F0:7C:34:72:94:86; Validity: Tue, 23 Apr 2024 21:02:13 GMT - Mon, 22 Jul 2024 21:02:12 GMT
File type: gzip compressed data, from Unix; Hash: 31caf612eaf7a887c9e6eabc402b460d 2d067a963b01a32853446266b462f4b123ce5919 72a48f15aa8eebbe8ba45f3ab7d9dc4e1e0b858c681e3a98985ce27446cf8319
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/main-b131b8188e1836d4.js HTTP/1.1
Host: tally.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:39 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Wed, 24 Apr 2024 08:26:23 GMT
etag: W/"1fee0-18f0f368798"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 878917
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZlsAtAlBnOucy%2Bb26f9lHVF7r3FJ7TJCrL3w6p2e8YvzU%2BqkjWaF51rJOdinM7T%2FYmyEOFaaNq1MyubTXcjS0ZkU8zhy2UUmFgtr%2FjsmPZk4h%2Bjp9Yw88HWwXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881caa5b9f280b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| tally.so/_next/static/chunks/pages/_app-df01ac0ae1b94297.js | 188.114.97.1 | 200 OK | 88 kB |
URL: GET HTTP/3 tally.so/_next/static/chunks/pages/_app-df01ac0ae1b94297.js; IP: 188.114.97.1:443
Requested by: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Certificate: Issuer: Google Trust Services LLC; Subject: tally.so; Fingerprint: 53:0A:04:22:C1:00:28:BE:81:A3:86:0F:27:E7:F0:7C:34:72:94:86; Validity: Tue, 23 Apr 2024 21:02:13 GMT - Mon, 22 Jul 2024 21:02:12 GMT
File type: gzip compressed data, from Unix; Hash: 1e31d224e007ea4542280e7c71aab49a 3cb7a35bd002a98d9aa0a35fa620f7aafaa7e928 d8cf00f99f005b6daf72d50396e5d3be9688270135d9da932feda2c60f183dbb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/_app-df01ac0ae1b94297.js HTTP/1.1
Host: tally.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:39 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 10 May 2024 14:26:35 GMT
etag: W/"4302e-18f62e60d78"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 21308
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5E8FyJ7kU1QKx7xiP%2BFuR%2BhbImYfzT%2FleI9%2FmH9PufoRQTvjA5gL5Or3cfqrLrirm746G14bRT%2B%2BA%2FXbsyqm%2F9rIlNfqh2mZPBn7vURwDDT8b%2BLyQU84Trhb8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881caa5b9f2a0b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| tally.so/_next/static/chunks/5376-e74a5370b39f7eb8.js | 188.114.97.1 | 200 OK | 6.7 kB |
URL: GET HTTP/3 tally.so/_next/static/chunks/5376-e74a5370b39f7eb8.js; IP: 188.114.97.1:443
Requested by: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Certificate: Issuer: Google Trust Services LLC; Subject: tally.so; Fingerprint: 53:0A:04:22:C1:00:28:BE:81:A3:86:0F:27:E7:F0:7C:34:72:94:86; Validity: Tue, 23 Apr 2024 21:02:13 GMT - Mon, 22 Jul 2024 21:02:12 GMT
File type: gzip compressed data, from Unix; Hash: fa4305e1571858e7256f41603ddfb303 6a2462ac988e0c65ebe6316344c2da4967f03842 1fa3e7c4f26bb8f7dd74d8a6baa696851ac79c1ad2de2722c1b35681b897ce96
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/5376-e74a5370b39f7eb8.js HTTP/1.1
Host: tally.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:39 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Wed, 24 Apr 2024 08:26:23 GMT
etag: W/"4b9a-18f0f368798"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 874788
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gRG763omwgHQ%2Fyzio2pog2SfuGyjGogzs6bVpS%2B%2FNR4pdPrYv%2FJa22l5e8huGqDY1Px9mhFd8Dv2KE51mD1BlLzaIlHH5cc2THAsG9tRHa2lrAxJ%2FjstszFEiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881caa5bbf3f0b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| tally.so/_next/static/chunks/4681-2a027613c47b8f3f.js | 188.114.97.1 | 200 OK | 20 kB |
URL: GET HTTP/3 tally.so/_next/static/chunks/4681-2a027613c47b8f3f.js; IP: 188.114.97.1:443
Requested by: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Certificate: Issuer: Google Trust Services LLC; Subject: tally.so; Fingerprint: 53:0A:04:22:C1:00:28:BE:81:A3:86:0F:27:E7:F0:7C:34:72:94:86; Validity: Tue, 23 Apr 2024 21:02:13 GMT - Mon, 22 Jul 2024 21:02:12 GMT
File type: gzip compressed data, from Unix; Hash: ca55f9fe3663e9feebdfbca204aad3c8 8d665c96aad2b1c9bbd5203a7275289fc150421e 9dbe95200bab751b4a6b55295931aed7d51b6392ca3ad979851eeba3856cce73
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/4681-2a027613c47b8f3f.js HTTP/1.1
Host: tally.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:39 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 07 May 2024 13:54:35 GMT
etag: W/"13664-18f5355ad78"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 282423
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NW4%2Fyjskfx6CERGywY6wtDsVeSuXQHMWYjzdpttwn573xofQwz4IdwRro8VyIC4EHU97%2FmX8luBLgoW9%2FK5DUPEVApM6RuIwL0EF2WdBf%2B3JgTUREG%2BIrJHkzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881caa5bdf5e0b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xf0.me/coffe.svg | 188.114.96.1 | 200 OK | 1.3 kB |
IP: 188.114.96.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: xf0.me; Fingerprint: 5E:25:42:8C:FA:D7:54:3C:18:80:43:A6:E8:DA:00:62:98:0D:E3:5E; Validity: Fri, 05 Apr 2024 14:08:47 GMT - Thu, 04 Jul 2024 14:08:46 GMT
File type: gzip compressed data, from Unix
Hash: 79a9acd5971befb7c2ea4e67f75c8cdb a8b452b96cecad7d04ddd6ee90a6cbc68c006dc9 5c152107677037d10db1a6e4c10b9b235c96e2c0762a3269f096f587643c2a4d
GET /coffe.svg HTTP/1.1
Host: xf0.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xf0.me/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:38 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"5a5c447acabff627beb95b81649b16c8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jIi31nZPb8f1isFxsPqxBgMAg6jidxHD%2BHabqH6ScKdg0VIky7YoKCb1sdaJ6koU59Ajsrtm%2FFcj82t83pNVtnpjez7ZbmHoU4ESU5yJ5az1QDc0ujKgyDM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 881caa54dbb1b4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| tally.so/_next/static/chunks/9027-d3448e6225e526c4.js | 188.114.97.1 | 200 OK | 7.5 kB |
URL: GET HTTP/3 tally.so/_next/static/chunks/9027-d3448e6225e526c4.js
IP: 188.114.97.1:443
Requested by: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Certificate: Issuer: Google Trust Services LLC; Subject: tally.so; Fingerprint: 53:0A:04:22:C1:00:28:BE:81:A3:86:0F:27:E7:F0:7C:34:72:94:86; Validity: Tue, 23 Apr 2024 21:02:13 GMT - Mon, 22 Jul 2024 21:02:12 GMT
File type: gzip compressed data, from Unix
Hash: dd29c7521a695cefc21b4b6d3a5dbe9a a6b57130226964a7ec593df46edf183b83687145 ad7e136621f893ac40b45c41d8ca83f92a7f15b50a793028b366fad941d352be
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /_next/static/chunks/9027-d3448e6225e526c4.js HTTP/1.1
Host: tally.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:39 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Wed, 24 Apr 2024 08:26:23 GMT
etag: W/"1371-18f0f368798"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 870473
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k06pR3jp2tKUVIoK0%2BopxZjwnuJqFOjmMepRyFwFk5Xfub9CN%2FDoDpZiZ3mxlBnIUNDRgbc4IfebXLMfvJPf%2FgDh2lHEl037ZhPpeRsDwv3zQ%2F6vhNsGNCUpQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881caa5bcf460b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| tally.so/_next/static/d-Jui6R-ZIYIYmtzQio1O/_ssgManifest.js | 188.114.97.1 | 200 OK | 7.3 kB |
URL: GET HTTP/3 tally.so/_next/static/d-Jui6R-ZIYIYmtzQio1O/_ssgManifest.js
IP: 188.114.97.1:443
Requested by: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Certificate: Issuer: Google Trust Services LLC; Subject: tally.so; Fingerprint: 53:0A:04:22:C1:00:28:BE:81:A3:86:0F:27:E7:F0:7C:34:72:94:86; Validity: Tue, 23 Apr 2024 21:02:13 GMT - Mon, 22 Jul 2024 21:02:12 GMT
File type: ASCII text, with no line terminators
Hash: b6652df95db52feb4daf4eca35380933 65451d110137761b318c82d9071c042db80c4036 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /_next/static/d-Jui6R-ZIYIYmtzQio1O/_ssgManifest.js HTTP/1.1
Host: tally.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:39 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 10 May 2024 14:26:35 GMT
etag: W/"4d-18f62e60d78"
vary: Accept-Encoding
x-cloud-trace-context: 54247fb50112b55cfb30eb51f57d1a61
cf-cache-status: HIT
age: 21308
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kim1qoxh5PGB0otNn03X98iNzYBdgQgPHXEYnMM%2FkBlL3laqZmkSpTGfz7FK87HgnjdTzVXZyBAZtAF88HrxdjNpXaaomC4umZdoLdYTb3M0y0TFQf1n6xyQPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881caa5bff780b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tally.so/_next/static/chunks/177-441380e846747cd9.js | 188.114.97.1 | 200 OK | 18 kB |
URL: GET HTTP/3 tally.so/_next/static/chunks/177-441380e846747cd9.js
IP: 188.114.97.1:443
Requested by: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Certificate: Issuer: Google Trust Services LLC; Subject: tally.so; Fingerprint: 53:0A:04:22:C1:00:28:BE:81:A3:86:0F:27:E7:F0:7C:34:72:94:86; Validity: Tue, 23 Apr 2024 21:02:13 GMT - Mon, 22 Jul 2024 21:02:12 GMT
File type: gzip compressed data, from Unix
Hash: 10c35fe9e96896889f324a16327e576a 14a905a4c42b62a3d47ab5271a174f71d913504f 4c90d722ab8e6583bddb5c80846fffd620e424de8f3bab1d8950616d4cddedd1
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /_next/static/chunks/177-441380e846747cd9.js HTTP/1.1
Host: tally.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:39 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Wed, 24 Apr 2024 08:26:23 GMT
etag: W/"7fba-18f0f368798"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 874788
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Bqp95DymbVNWC6iRGBYPYcQrn%2F4Apq2HVWx%2F%2FU5%2FL677KZBzIF%2BA7eDScFAlyLvqMpiN4pXCtR1U2PvyCil9btLnRw3Z1BceBlrU0Ozx0Ngo87ntqSmHqyRVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881caa5bbf410b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css | 104.17.24.14 | 200 OK | 72 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
IP: 104.17.24.14:443
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65348)
Hash: c0be8e53226ac34833fd9b5dbc01ebc5 b81ef1b22de26af8a7a4656f565fbc91a69d7518 5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
GET /ajax/libs/animate.css/4.1.1/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xf0.me/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:26:38 GMT
content-type: text/css; charset=utf-8
content-length: 4216
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f5628a2-11846"
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 227725
expires: Wed, 30 Apr 2025 20:26:38 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=66%2FMaPnt2rF0fw8uoUIlHDVcISyef7uzezzPqFfwpLOId0fV5vQgG45lYDQTkho%2BqtNvL2spisr9NIzmVOaIcCKTWVghSdMHicFqsci%2F5VYaUowtv%2BPmOTEVoHJn7SZ2gWpQl7ya"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881caa56692156bd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| tally.so/_next/static/chunks/9402-0d895e200dcc4ec3.js | 188.114.97.1 | 200 OK | 13 kB |
URL: GET HTTP/3 tally.so/_next/static/chunks/9402-0d895e200dcc4ec3.js
IP: 188.114.97.1:443
Requested by: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Certificate: Issuer: Google Trust Services LLC; Subject: tally.so; Fingerprint: 53:0A:04:22:C1:00:28:BE:81:A3:86:0F:27:E7:F0:7C:34:72:94:86; Validity: Tue, 23 Apr 2024 21:02:13 GMT - Mon, 22 Jul 2024 21:02:12 GMT
File type: JavaScript source, ASCII text, with very long lines (13189), with no line terminators
Hash: 11bff21b1b0d5ad23663d9c1a422f346 044bb716c64e9f2689a32d614f96ff2200598861 def262ec678db4751efe0b47175c606e420c2ef77c8aa9d6cd9debdab9e0ba91
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /_next/static/chunks/9402-0d895e200dcc4ec3.js HTTP/1.1
Host: tally.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:39 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Wed, 24 Apr 2024 08:26:23 GMT
etag: W/"3385-18f0f368798"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 878884
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SvZ5H1c7HL6lispmBqtxd3FngNIIrmbMSbk4PXylVXQxFR9D9GiftNzSgvSIkci3HtS2ydTFddEnSKKBP9Acj3gvQd610ctiEBC4NfFNQqZ9ez3FWBADIEOjHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881caa5bcf490b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xf0.me/notion.svg | 188.114.96.1 | 200 OK | 877 B |
IP: 188.114.96.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: xf0.me; Fingerprint: 5E:25:42:8C:FA:D7:54:3C:18:80:43:A6:E8:DA:00:62:98:0D:E3:5E; Validity: Fri, 05 Apr 2024 14:08:47 GMT - Thu, 04 Jul 2024 14:08:46 GMT
File type: SVG Scalable Vector Graphics image
Hash: 02c4fd75326effdfad8edab7359d806c 58903da96b83e85a54da0dbf985fa00fdce2e0dc 130953b0ac2b5718b7886e63cb1b72b1c3323f4ed345ed6dab69136e31d61b1c
GET /notion.svg HTTP/1.1
Host: xf0.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xf0.me/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:38 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"fe8dc6168ea732c8c77c53a6a79bfdba"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q%2FP8lmapruAWO0VFzOYUJpQVytQo79pwen6R0DapBBzyM2kTXGC9IUolZBPR9208sEGubxhWk6NIN73WNhvAPRy9U6a5eIAjVH4TZaN9PYtglPfOzaL5zlc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 881caa54dbafb4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Poppins:wght@300;500&display=swap | 142.250.74.106 | 200 OK | 1.6 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Poppins:wght@300;500&display=swap
IP: 142.250.74.106:443
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (1614), with no line terminators
Hash: ee90111deadc99520ae0743cc8cbdfcf 2102eda9e10eed4652ede152ecc31fb197dc6fb1 d631491a5c0f4503d16ac70bbf6601ce61ae3c361fec6d95e3de1d44066644b9
GET /css2?family=Poppins:wght@300;500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xf0.me/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 20:26:38 GMT
date: Fri, 10 May 2024 20:26:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| tally.so/_next/static/chunks/webpack-d9db3c465b3cf931.js | 188.114.97.1 | 200 OK | 19 kB |
URL: GET HTTP/3 tally.so/_next/static/chunks/webpack-d9db3c465b3cf931.js
IP: 188.114.97.1:443
Requested by: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Certificate: Issuer: Google Trust Services LLC; Subject: tally.so; Fingerprint: 53:0A:04:22:C1:00:28:BE:81:A3:86:0F:27:E7:F0:7C:34:72:94:86; Validity: Tue, 23 Apr 2024 21:02:13 GMT - Mon, 22 Jul 2024 21:02:12 GMT
File type: JavaScript source, ASCII text, with very long lines (18637), with no line terminators
Hash: bff479cff154610edef4f0b444b887f0 cdc3ba90cfda99087a6c3d77853f0e3495f4e9bc a7356c740f25f8797eea8a807c917e64e488a24062dc4204a78bf9b4cecd4982
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /_next/static/chunks/webpack-d9db3c465b3cf931.js HTTP/1.1
Host: tally.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:39 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 10 May 2024 14:26:35 GMT
etag: W/"48cd-18f62e60d78"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 21308
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DMfGbhAKS%2BkmT7gLALHqnWMKI3YzWkFYDs3UWgXqmWb03AhAZnFJdl7ivhXrQydTDKsvEOmOUojUNQgWrrkZ1y%2BdxujzZLCu%2B782aSnAS37ei1cKTPBKIBs2mw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881caa5b9f200b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| tally.so/_next/static/chunks/7621-df73cfe9fad20d06.js | 188.114.97.1 | 200 OK | 14 kB |
URL: GET HTTP/3 tally.so/_next/static/chunks/7621-df73cfe9fad20d06.js
IP: 188.114.97.1:443
Requested by: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Certificate: Issuer: Google Trust Services LLC; Subject: tally.so; Fingerprint: 53:0A:04:22:C1:00:28:BE:81:A3:86:0F:27:E7:F0:7C:34:72:94:86; Validity: Tue, 23 Apr 2024 21:02:13 GMT - Mon, 22 Jul 2024 21:02:12 GMT
File type: JavaScript source, ASCII text, with very long lines (14453), with no line terminators
Hash: d6437cc767c044124da05bbc3261fd44 6ee9da9420d292966f72e209561d39288719a5b6 8885446126c8c4e06328fafecb2f35e7d056d71fb1851c3bd21b6aad621ebc02
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /_next/static/chunks/7621-df73cfe9fad20d06.js HTTP/1.1
Host: tally.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:39 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Wed, 24 Apr 2024 08:26:23 GMT
etag: W/"3875-18f0f368798"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 870473
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5cRVS0QDP731oBkOHMiB8NPRm7%2BdMXbmrt5INR05q1ZCZxkNaX1Qif6rVOHLXHVPrA0u%2BuFb8purEORoi1xD3hah9oWNYXOhJgeBRi09MYSRqyamfYtLhibf9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881caa5bbf430b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| tally.so/_next/static/chunks/6464-9409142de250ca50.js | 188.114.97.1 | 200 OK | 58 kB |
URL: GET HTTP/3 tally.so/_next/static/chunks/6464-9409142de250ca50.js
IP: 188.114.97.1:443
Requested by: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Certificate: Issuer: Google Trust Services LLC; Subject: tally.so; Fingerprint: 53:0A:04:22:C1:00:28:BE:81:A3:86:0F:27:E7:F0:7C:34:72:94:86; Validity: Tue, 23 Apr 2024 21:02:13 GMT - Mon, 22 Jul 2024 21:02:12 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /_next/static/chunks/6464-9409142de250ca50.js HTTP/1.1
Host: tally.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:39 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 07 May 2024 13:54:35 GMT
etag: W/"e23f-18f5355ad78"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 282437
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XMKfVM8PaJKhyeCzb7FPJ68uGuiISoLhiUffG7kKRq%2BS8%2BXmxsiPJL106kZTPt2TmszP8fUXnFj%2F2Rw9uYLzNYnK14NJTfgSDgNKFbCnXzkCyZ0LI%2FYTyi3CSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881caa5bdf540b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| | 188.114.96.1 | 200 OK | 98 kB |
URL: User Request GET HTTP/2
IP: 188.114.96.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: xf0.me; Fingerprint: 5E:25:42:8C:FA:D7:54:3C:18:80:43:A6:E8:DA:00:62:98:0D:E3:5E; Validity: Fri, 05 Apr 2024 14:08:47 GMT - Thu, 04 Jul 2024 14:08:46 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: xf0.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:26:37 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nE3ms9rHucTT%2FaoyfJbp%2Br8HNQPGOTR2cm8IU9UovW8nWKFniTDdYEvdrxClwiemo2M5Xl6rbYyO92Y9xP9I47vG5Ni8BwZx4I%2BGIDGuaodkMDYVbU1cwyU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 881caa507bacb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| tally.so/_next/static/chunks/8318.5cc791f16c8e5589.js | 188.114.97.1 | 200 OK | 4.7 kB |
URL: GET HTTP/3 tally.so/_next/static/chunks/8318.5cc791f16c8e5589.js
IP: 188.114.97.1:443
Requested by: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Certificate: Issuer: Google Trust Services LLC; Subject: tally.so; Fingerprint: 53:0A:04:22:C1:00:28:BE:81:A3:86:0F:27:E7:F0:7C:34:72:94:86; Validity: Tue, 23 Apr 2024 21:02:13 GMT - Mon, 22 Jul 2024 21:02:12 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (4872), with no line terminators
Hash: 0d82ee2166735cf6e43d3d166a811c0f 50537ba839fa835d4eea03dae7f87a70641447f6 0fe8537062aef57c18dffc0dfac432864c1665bb7e6499d86c60d4c08483d46e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /_next/static/chunks/8318.5cc791f16c8e5589.js HTTP/1.1
Host: tally.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:39 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Wed, 24 Apr 2024 08:26:23 GMT
etag: W/"1258-18f0f368798"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 878883
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ujBTNT10yr5NES5J2MeRRR8AcWgzyvkUgUsXR2n4C0ufhja5QFcPHlmXwyh6%2BzHGDqObirH6N1OZphQlMTgwfOrDA%2BzGbDdhtAWlsbf6hO4AdjGG6sqhVyDULQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881caa5d989e0b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| plausible.io/api/event | 194.242.11.186 | 202 Accepted | 2 B |
IP: 194.242.11.186:443
ASN: #34989 ServeTheWorld AS
Requested by: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Certificate: Issuer: Let's Encrypt; Subject: plausible.io; Fingerprint: AD:0F:7D:DD:AB:46:B3:42:B1:97:57:A4:EB:88:19:D6:08:6A:AD:65; Validity: Tue, 23 Apr 2024 07:08:31 GMT - Mon, 22 Jul 2024 07:08:30 GMT
File type: ASCII text, with no line terminators
Hash: 444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /api/event HTTP/1.1
Host: plausible.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 167
Origin: https://tally.so
DNT: 1
Connection: keep-alive
Referer: https://tally.so/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 202 Accepted
date: Fri, 10 May 2024 20:26:39 GMT
content-type: text/plain; charset=utf-8
content-length: 2
server: BunnyCDN-NO1-830
cdn-pullzone: 682664
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cdn-requestcountrycode: NO
access-control-allow-credentials: true
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000
cache-control: must-revalidate, max-age=0, private
application: 10.0.0.3
permissions-policy: interest-cohort=()
x-request-id: F846eQ3Au_JntakOYmsQ
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 202
cdn-cachedat: 05/10/2024 20:26:39
cdn-edgestorageid: 830
cdn-requestid: 48540df0221a32347589d1c704f34fab
X-Firefox-Spdy: h2
|
|
| xf0.me/65ef2b0b5d919685.css | 188.114.96.1 | 200 OK | 605 kB |
URL: GET HTTP/3 xf0.me/65ef2b0b5d919685.css
IP: 188.114.96.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: xf0.me; Fingerprint: 5E:25:42:8C:FA:D7:54:3C:18:80:43:A6:E8:DA:00:62:98:0D:E3:5E; Validity: Fri, 05 Apr 2024 14:08:47 GMT - Thu, 04 Jul 2024 14:08:46 GMT
File type: ASCII text, with very long lines (65203)
Size: 605 kB (605122 bytes)
Hash: ff57e21d2f425e946a6ff1e2a453848e 9e14c31c37e255be52edaa43705781e3c20d9f49 9892c5da636f508bdef3f854056618ea437caf14bb502f83954ef03fbd7a549e
GET /65ef2b0b5d919685.css HTTP/1.1
Host: xf0.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xf0.me/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:38 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"36a12ba4fb2bc797d1f9f9b29812f23f"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3jTIorPcQAikIPIeiJundMVNSEaos1peeRN5SsRWEdjpVQvQk3RkQ5FCT3Z3o7XgZ1xRE7hkyEUPFdWUBFJxvZb37%2FahYOu43eJxMw1jGEdpGHUSIGC7XCE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 881caa54cb89b4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| o407628.ingest.sentry.io/api/5277002/envelope/?sentry_key=c17ee4982b124541ae255c0c2f93d48f&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.80.0 | 34.120.195.249 | 200 OK | 2 B |
URL: POST HTTP/2 o407628.ingest.sentry.io/api/5277002/envelope/?sentry_key=c17ee4982b124541ae255c0c2f93d48f&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.80.0
IP: 34.120.195.249:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Requested by: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Certificate: Issuer: DigiCert Inc; Subject: ingest.sentry.io; Fingerprint: 60:82:0B:58:64:CD:37:FD:3F:C0:84:4F:0B:69:CF:58:05:15:97:9A; Validity: Thu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash: 99914b932bd37a50b983c5e7c90ae93b bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/5277002/envelope/?sentry_key=c17ee4982b124541ae255c0c2f93d48f&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.80.0 HTTP/1.1
Host: o407628.ingest.sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tally.so/
Content-Type: text/plain;charset=UTF-8
Content-Length: 448
Origin: https://tally.so
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 20:26:39 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: *
vary: origin,access-control-request-method,access-control-request-headers
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/comfortaa/v45/1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4VrMDrMfIA.woff2 | 216.58.207.227 | 200 OK | 14 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/comfortaa/v45/1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4VrMDrMfIA.woff2
IP: 216.58.207.227:443
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD; Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 13876, version 1.0
Hash: 5dfb950063bc50674e6fa2d253e35dca dd29cf85f06ab010f99a0b822b085a748eedaa66 69baf07cacf1bac2b8daa8454b821c704446341bb188b49a346907803134fdcf
GET /s/comfortaa/v45/1Pt_g8LJRfWJmhDAuUsSQamb1W0lwk4S4VrMDrMfIA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://xf0.me
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13876
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 May 2024 02:34:47 GMT
expires: Sat, 10 May 2025 02:34:47 GMT
cache-control: public, max-age=31536000
age: 64311
last-modified: Thu, 24 Aug 2023 20:50:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| tally.so/_next/static/chunks/60-dfa3f4dad8f6725c.js | 188.114.97.1 | 200 OK | 87 kB |
URL: GET HTTP/3 tally.so/_next/static/chunks/60-dfa3f4dad8f6725c.js
IP: 188.114.97.1:443
Requested by: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Certificate: Issuer: Google Trust Services LLC; Subject: tally.so; Fingerprint: 53:0A:04:22:C1:00:28:BE:81:A3:86:0F:27:E7:F0:7C:34:72:94:86; Validity: Tue, 23 Apr 2024 21:02:13 GMT - Mon, 22 Jul 2024 21:02:12 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /_next/static/chunks/60-dfa3f4dad8f6725c.js HTTP/1.1
Host: tally.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:39 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 07 May 2024 13:54:35 GMT
etag: W/"154fc-18f5355ad78"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 282437
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6q0FD0F7zwbvFWirFgwkAgbtog6qW2YtVNDQldwxJbGchFSTzi97xlp6F%2Fzc3fClxo8MDc1Y90%2BIgg9tqB%2FLGhgWbXj23Y3fdkbeRExZz6v1Bykb77ARcIi5dw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881caa5bbf3e0b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xf0.me/github.svg | 188.114.96.1 | 200 OK | 2.0 kB |
IP: 188.114.96.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: xf0.me; Fingerprint: 5E:25:42:8C:FA:D7:54:3C:18:80:43:A6:E8:DA:00:62:98:0D:E3:5E; Validity: Fri, 05 Apr 2024 14:08:47 GMT - Thu, 04 Jul 2024 14:08:46 GMT
Hash: 4d3a736e6847db04db0ae36eb1f15110 b66d7e5072d3e4f95b38f41fc6ef3f490fbcb582 d04b8b926adc7778a10b4e4abbbe9a198988fd8c60cc7e8156e7b4f617a60366
GET /github.svg HTTP/1.1
Host: xf0.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xf0.me/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:38 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"e36bf8e7ebc25a16cc3d9afb16e6de0e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OY0TE7E0t%2FcN%2FQl6GHCTeacsj%2Bff8uj%2F0It8o%2F%2FqTbY7Ed%2F0e0vHlqUXVw1xBvPZoAuJoa3q4ub2whxsEEQPmWtPDP1sWAUERzNXxCHzqAQo4nWmVwdguCU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 881caa54cb9bb4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| tally.so/_next/static/chunks/7251.8c652d7c649d4c86.js | 188.114.97.1 | 200 OK | 3.0 kB |
URL: GET HTTP/3 tally.so/_next/static/chunks/7251.8c652d7c649d4c86.js
IP: 188.114.97.1:443
Requested by: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Certificate: Issuer: Google Trust Services LLC; Subject: tally.so; Fingerprint: 53:0A:04:22:C1:00:28:BE:81:A3:86:0F:27:E7:F0:7C:34:72:94:86; Validity: Tue, 23 Apr 2024 21:02:13 GMT - Mon, 22 Jul 2024 21:02:12 GMT
File type: JavaScript source, ASCII text, with very long lines (3088), with no line terminators
Hash: 97062350a3a018b649212bc8df5dba73 2a51e76f4206a17c4fd327262117d72154d49b3e 49b4fff0a7f242e66284621ba0c0c549a29c4425f17070799da5a40f34ebccd8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/7251.8c652d7c649d4c86.js HTTP/1.1
Host: tally.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:39 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Wed, 24 Apr 2024 08:26:23 GMT
etag: W/"bcb-18f0f368798"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 874776
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bmRKLnw3UMQNTD6TUmRVTPODOoRq%2Fq8ZcJj0gVZYvgBnPLhJV2asA%2FO3KbAm%2BvY%2BXRXWYuEqYFwURqHQeXxhwrzG1NdvyNhFdsaR2X%2B5td1JriAGjuqIa6oqWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881caa5d88910b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| tally.so/_next/static/chunks/8789-9ee76d50b5e95a37.js | 188.114.97.1 | 200 OK | 28 kB |
URL: GET HTTP/3 tally.so/_next/static/chunks/8789-9ee76d50b5e95a37.js
IP: 188.114.97.1:443
Requested by: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Certificate: Issuer: Google Trust Services LLC; Subject: tally.so; Fingerprint: 53:0A:04:22:C1:00:28:BE:81:A3:86:0F:27:E7:F0:7C:34:72:94:86; Validity: Tue, 23 Apr 2024 21:02:13 GMT - Mon, 22 Jul 2024 21:02:12 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/8789-9ee76d50b5e95a37.js HTTP/1.1
Host: tally.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:39 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 07 May 2024 13:54:35 GMT
etag: W/"6eca-18f5355ad78"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 282423
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uD7Hq1xvYe69WjGeki3QjIFzbfzFAsTvFMxNXmhxnw8QXNPtKIeJtkhq3u7CbURRlKvLt7KVzG%2B11ERmyrobdJ6pJJIayWcRwhsl3wTeqBVt59kMAh7cJiR02w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881caa5bef690b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| tally.so/_next/static/d-Jui6R-ZIYIYmtzQio1O/_buildManifest.js | 188.114.97.1 | 200 OK | 7.4 kB |
URL: GET HTTP/3 tally.so/_next/static/d-Jui6R-ZIYIYmtzQio1O/_buildManifest.js
IP: 188.114.97.1:443
Requested by: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Certificate: Issuer: Google Trust Services LLC; Subject: tally.so; Fingerprint: 53:0A:04:22:C1:00:28:BE:81:A3:86:0F:27:E7:F0:7C:34:72:94:86; Validity: Tue, 23 Apr 2024 21:02:13 GMT - Mon, 22 Jul 2024 21:02:12 GMT
File type: ASCII text, with very long lines (7748), with no line terminators
Hash: 2051601b439a8f33d84c947785422685 2c2dad62f5961d743737f09e62d8187d12151632 bf2ddafa70bac8f6fb542d66b4d1b4c948574441baf95585c5d5d0429b7ed109
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/d-Jui6R-ZIYIYmtzQio1O/_buildManifest.js HTTP/1.1
Host: tally.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:39 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Fri, 10 May 2024 14:26:35 GMT
etag: W/"1cd6-18f62e60d78"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 21293
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VcBNHO6TkNah%2B0SihGVdpcwg36qa%2FjoLOpQU%2BPaJgShmvAeQHBmYzAzljTlcrWpvUSHiZMD55VMZQTalfKvLG7i7jXuT8Fd8sgC7yM0RyJ3VUf45n9ysOvBHlg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881caa5bef730b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Comfortaa:wght@500&display=swap | 142.250.74.106 | 200 OK | 2.2 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Comfortaa:wght@500&display=swap
IP: 142.250.74.106:443
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (2285), with no line terminators
Hash: 05320213941ad5eacbe2bdb6f0d92283 7a1c5eac22dd30920dd3cf6ed7e2ddc28153e659 09a07446c0d57a2459c604634828233aa7f1dd18f72ed9c88085c276b408e65c
GET /css2?family=Comfortaa:wght@500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xf0.me/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 20:26:38 GMT
date: Fri, 10 May 2024 20:26:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| tally.so/_next/static/css/35ecd37bad39778a.css | 188.114.97.1 | 200 OK | 6.3 kB |
URL: GET HTTP/3 tally.so/_next/static/css/35ecd37bad39778a.css
IP: 188.114.97.1:443
Requested by: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Certificate: Issuer: Google Trust Services LLC; Subject: tally.so; Fingerprint: 53:0A:04:22:C1:00:28:BE:81:A3:86:0F:27:E7:F0:7C:34:72:94:86; Validity: Tue, 23 Apr 2024 21:02:13 GMT - Mon, 22 Jul 2024 21:02:12 GMT
File type: ASCII text, with very long lines (6294), with no line terminators
Hash: 7e50ce3f0c1164309c9a72152c8e19ea aff1940757fba3ce47c6178190b346c606c8106f 94494d9d864d861e5b0aa1e7c1aaf2ae20f2e823e6c29f8a52d9fb2a0a3a1ae4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/css/35ecd37bad39778a.css HTTP/1.1
Host: tally.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:39 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Wed, 24 Apr 2024 08:26:23 GMT
etag: W/"187e-18f0f368798"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 864889
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ba%2FoIltW7DjXVCj%2Ftcd8NL1QZTADzKkyFBJjk5NhGA6%2FkqglC1D3q3lASljbnGdJsDO3q23Xp9pq0aXB8Lg2bW8%2BnNJPiNZWeWFZvdreLqI54B6AlEraZ4gnLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881caa5b3ec70b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| tally.so/_next/static/chunks/8391-a5a30af02358c8f8.js | 188.114.97.1 | 200 OK | 12 kB |
URL: GET HTTP/3 tally.so/_next/static/chunks/8391-a5a30af02358c8f8.js
IP: 188.114.97.1:443
Requested by: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Certificate: Issuer: Google Trust Services LLC; Subject: tally.so; Fingerprint: 53:0A:04:22:C1:00:28:BE:81:A3:86:0F:27:E7:F0:7C:34:72:94:86; Validity: Tue, 23 Apr 2024 21:02:13 GMT - Mon, 22 Jul 2024 21:02:12 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/8391-a5a30af02358c8f8.js HTTP/1.1
Host: tally.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:39 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Wed, 01 May 2024 12:26:42 GMT
etag: W/"2e7c-18f341f0fd0"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 806147
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zf2VTcD0xwC1GpCMcjsji8aHuYuOyMcRFV2Na19jsbiXLbuAgmHzNYaEa8FXrjTBNr0kvpX4HOxTC%2Br30Obwa26biYDlmEksIEtkRwkM3yMcafvFqck2GUTFeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881caa5bcf4d0b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| tally.so/_next/static/chunks/2595-553c7e250cfe9afd.js | 188.114.97.1 | 200 OK | 30 kB |
URL: GET HTTP/3 tally.so/_next/static/chunks/2595-553c7e250cfe9afd.js
IP: 188.114.97.1:443
Requested by: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Certificate: Issuer: Google Trust Services LLC; Subject: tally.so; Fingerprint: 53:0A:04:22:C1:00:28:BE:81:A3:86:0F:27:E7:F0:7C:34:72:94:86; Validity: Tue, 23 Apr 2024 21:02:13 GMT - Mon, 22 Jul 2024 21:02:12 GMT
File type: JavaScript source, ASCII text, with very long lines (30304), with no line terminators
Hash: 6f9fb27599a81dffe70110cf0a4e0aca 5efc866fadfd665ebd7b493c4a5316e915591364 f778dc00778e295e7b30b99a22d8fe99e64a65bb1a85f1e6b8713e4484fa954b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2595-553c7e250cfe9afd.js HTTP/1.1
Host: tally.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:39 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Wed, 24 Apr 2024 08:26:23 GMT
etag: W/"7660-18f0f368798"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 878917
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XmlXAtkLVqG7xydIeXyybSxCDF8LHBnf6XMuvi4QmyQgO0%2B50mUU24xKm8pgQ0i0PB9ZMaRPTYSH1f7%2BXQc3HgbkTK5RkEknmu%2F%2Br7%2BKptqQbfVPaiH37NCBPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881caa5bcf510b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xf0.me/bugNoti.svg | 188.114.96.1 | 200 OK | 1.2 kB |
IP: 188.114.96.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: xf0.me; Fingerprint: 5E:25:42:8C:FA:D7:54:3C:18:80:43:A6:E8:DA:00:62:98:0D:E3:5E; Validity: Fri, 05 Apr 2024 14:08:47 GMT - Thu, 04 Jul 2024 14:08:46 GMT
File type: SVG Scalable Vector Graphics image
Hash: 1874d25795be0f0ca52ebe678efd2d6d 4c59761dc8f94400f9e8d16689aa5937befb23a0 fb7afeb322d73b9b93477f44db41705126750d006fea0e4af688cf30f35ce42f
GET /bugNoti.svg HTTP/1.1
Host: xf0.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xf0.me/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:38 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"a9bbac4f1fbb79af5c1da4c784ba03a6"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mhgstk2RBAgspIZuXRf4ZKLNzc4DC3yhcIyzukJlGXnqfAJmcuHldRLTNjzkzlLBUlqFn2rMP6gOKLGlrx4JxkcV3zQCW4tuRyuVBzorvkwa%2FfHQ9ALEj2M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 881caa54dbbab4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| tally.so/_next/static/chunks/pages/embed/%5Bid%5D-0079320d2db817f0.js | 188.114.97.1 | 200 OK | 975 B |
URL: GET HTTP/3 tally.so/_next/static/chunks/pages/embed/%5Bid%5D-0079320d2db817f0.js
IP: 188.114.97.1:443
Requested by: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Certificate: Issuer: Google Trust Services LLC; Subject: tally.so; Fingerprint: 53:0A:04:22:C1:00:28:BE:81:A3:86:0F:27:E7:F0:7C:34:72:94:86; Validity: Tue, 23 Apr 2024 21:02:13 GMT - Mon, 22 Jul 2024 21:02:12 GMT
File type: ASCII text, with very long lines (987), with no line terminators
Hash: 6eeafd422d7f4d5097bf5acc3c8c7c5e c5553406e84aa3bead05241a242cdb65fc933823 5e0ce413f4844831985ffb34c5de5c864ea19c14553a483dba76e7a8b83179bd
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/embed/%5Bid%5D-0079320d2db817f0.js HTTP/1.1
Host: tally.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:39 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 07 May 2024 13:54:35 GMT
etag: W/"3cf-18f5355ad78"
vary: Accept-Encoding
x-cloud-trace-context: 62e68d1c1465cc7b04358b181b617d4a
cf-cache-status: HIT
age: 282422
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0%2FgDC1LV0Oouszc5W3M%2FEiHL8%2FvDv%2F65G14EEsRsjgpmtnkA2q8oCUm5NciJTGEhicHJsWFAvdLWXvN%2FHvX%2Bz4Ow%2F7rnqA9rgxgnB6GSW0QcaqSMDyvfJ0UMqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881caa5bef720b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| xf0.me/coffe2.svg | 188.114.96.1 | 200 OK | 1.7 kB |
IP: 188.114.96.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: xf0.me; Fingerprint: 5E:25:42:8C:FA:D7:54:3C:18:80:43:A6:E8:DA:00:62:98:0D:E3:5E; Validity: Fri, 05 Apr 2024 14:08:47 GMT - Thu, 04 Jul 2024 14:08:46 GMT
File type: SVG Scalable Vector Graphics image
Hash: 7dfc151ac30d69dbeeaea2e98293952d 5c7ac0961ececd742652276944f69eeb70b3dcba 107775ed1005599eb6c534ca76d86b7a3ea23e8fc93bf9219e9ff9650fb98200
GET /coffe2.svg HTTP/1.1
Host: xf0.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xf0.me/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:38 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"45ed935e289831560ec10e6ab0c01417"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jarg8atovJgW606yPG3aMA0wt5y9n6%2BuIjVXbjpY%2BiE8tgWXrbsCIcxDeVmJIQzDl5gXrI9OaknwpFBhTWbx%2FbAXtR2JXVuEhc%2Fw5uc3UQl007oY9aH2e6g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 881caa54ebc9b4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| tally.so/_next/static/chunks/198-a66de611c8fa52cb.js | 188.114.97.1 | 200 OK | 19 kB |
URL: GET HTTP/3 tally.so/_next/static/chunks/198-a66de611c8fa52cb.js
IP: 188.114.97.1:443
Requested by: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Certificate: Issuer: Google Trust Services LLC; Subject: tally.so; Fingerprint: 53:0A:04:22:C1:00:28:BE:81:A3:86:0F:27:E7:F0:7C:34:72:94:86; Validity: Tue, 23 Apr 2024 21:02:13 GMT - Mon, 22 Jul 2024 21:02:12 GMT
File type: JavaScript source, ASCII text, with very long lines (10227)
Hash: f9f1fe2b45037a13e10b1401513c1eb9 e80892169b593e7a95430b970f57681dc75945d3 888f722340f1f1813db10c9428c93e5c97b1b260706b26b050b035809c1a33e3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/198-a66de611c8fa52cb.js HTTP/1.1
Host: tally.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:39 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Wed, 24 Apr 2024 08:26:23 GMT
etag: W/"4b7b-18f0f368798"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 870473
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WYQKviRI9blozeVAJqRsbhp9wRPLwAjXXN9sI6g6cVZEZHNzaSf38eFCsUv8eXxA0Fg1zXOChGQo8pSm55UFGuN7J035l7zzJiNz%2Bs63eHvHHBpUSStXKbIL6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881caa5baf2d0b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1 | 188.114.97.1 | 200 OK | 37 kB |
URL: GET HTTP/2 tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
IP: 188.114.97.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: tally.so; Fingerprint: 53:0A:04:22:C1:00:28:BE:81:A3:86:0F:27:E7:F0:7C:34:72:94:86; Validity: Tue, 23 Apr 2024 21:02:13 GMT - Mon, 22 Jul 2024 21:02:12 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1 HTTP/1.1
Host: tally.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xf0.me/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 20:26:39 GMT
content-type: text/html; charset=utf-8
x-powered-by: Next.js
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iPoIvz2ggN3cYS5iuPMaqx%2BA369jKtCvPROrUZINmbOFOELaBTon2xZKXc5AEX%2BG2vHLIBRVWmS0xxMDcUhLlChArrwGWriX%2BXC5I%2FXUzv%2FH%2BjLyRDZlxqsqYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881caa586e655685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| xf0.me/email.svg | 188.114.96.1 | 200 OK | 728 B |
IP: 188.114.96.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: xf0.me; Fingerprint: 5E:25:42:8C:FA:D7:54:3C:18:80:43:A6:E8:DA:00:62:98:0D:E3:5E; Validity: Fri, 05 Apr 2024 14:08:47 GMT - Thu, 04 Jul 2024 14:08:46 GMT
Hash: be1925ffdc7c6d37c1fe9fd498bdcd52 4d5868bdc1ef7bb7558d465ef4f4f50ae4d68c67 a5ee5ea1cadef097a02f6d72d022063ab90b58bb0e3fc315c900da33481d73cb
GET /email.svg HTTP/1.1
Host: xf0.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xf0.me/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:38 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"58e5f702a5a91cef7d67935f1940f980"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dNSLA5XKPh4JWPQzi4vYgF1am6OQl6J1UGDSnr7mE0Dw2KEOvx65zp1DbDsMPXSeOxzP84y9sy0L9ZFy5JG9KlNRiQtpSqLpmb0yFF6aDavw46smhmiZsP4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 881caa54dbbdb4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xf0.me/skull.svg | 188.114.96.1 | 200 OK | 5.3 kB |
IP: 188.114.96.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: xf0.me; Fingerprint: 5E:25:42:8C:FA:D7:54:3C:18:80:43:A6:E8:DA:00:62:98:0D:E3:5E; Validity: Fri, 05 Apr 2024 14:08:47 GMT - Thu, 04 Jul 2024 14:08:46 GMT
Hash: 71a9a19bf7fdea3a44aeb515055406a4 bfac13bd45cff1e29739b43ca0fcc1e0e45a191e 011a0daaac2d6d9b38c71b88f47d8c0f1b3a10d8cd1e60f2596daf6d356bb6d5
GET /skull.svg HTTP/1.1
Host: xf0.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xf0.me/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:38 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"9995ade7b3328572b4df6b6128b0bb0e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q4K2ElHMkMAh0aLosUVxWlGhFTt5xH4ro2HTHbNoT9tD0RA%2BV2PFVxFAy%2BbbiSQsQdfNK7PitfLxwbX%2FBjhgXMPaQ64apocib1TJ6dZ3frUXyUJ%2Fa0K89Us%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 881caa54ebc5b4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xf0.me/youtube.svg | 188.114.96.1 | 200 OK | 764 B |
IP: 188.114.96.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: xf0.me; Fingerprint: 5E:25:42:8C:FA:D7:54:3C:18:80:43:A6:E8:DA:00:62:98:0D:E3:5E; Validity: Fri, 05 Apr 2024 14:08:47 GMT - Thu, 04 Jul 2024 14:08:46 GMT
File type: SVG Scalable Vector Graphics image
Hash: d05e7145224154715987292a3a7d10a3 ef8db8e8fe5023488770ede8c9e0764d43cd31ac c434da6e102a167a91db7841dd84011694b3a13ad9026a91b42971b0535f9ba1
GET /youtube.svg HTTP/1.1
Host: xf0.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xf0.me/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:38 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"39b625e576e371ce0e7d34ba68e85b64"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SsPM%2BPUCc1xS7MT1jj%2FMGG6jlL%2B9SFLegCd%2BO6eub%2BvPimP0GrEtJfZSSe8AAFshnRInzB7bBGu%2BJMcd09B92u8bS1n4Ocz6W3HEzEw8PyiBaPvrtgwth6A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 881caa54dba6b4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xf0.me/alert-svgrepo-com.svg | 188.114.96.1 | 200 OK | 1.2 kB |
URL: GET HTTP/3 xf0.me/alert-svgrepo-com.svg
IP: 188.114.96.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: xf0.me; Fingerprint: 5E:25:42:8C:FA:D7:54:3C:18:80:43:A6:E8:DA:00:62:98:0D:E3:5E; Validity: Fri, 05 Apr 2024 14:08:47 GMT - Thu, 04 Jul 2024 14:08:46 GMT
File type: SVG Scalable Vector Graphics image
Hash: 5931cb9f996cf170039fc3958ad2a19a 83b6242dccd5590a4c18e8c5540d1b097bbddbbd 653d93bb93a7dc346f2f4a8f0683ea149207b585ef5ac5d6976aa47133ae9576
GET /alert-svgrepo-com.svg HTTP/1.1
Host: xf0.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xf0.me/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:38 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"5e387562ed3356bbcfa24d48f24fbcf2"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lf%2BZ5UsQEx1xTqbSSj%2FNTO08iMOG%2B0FnCwT6JULyMOG5clY5ChXtAUjKL6bIIRCfy85%2BR%2FW6Uuh5jBMz93R%2F%2Bu1FNVIr41KUVb6SOo6NmtOAXjfDB0034vQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
cf-ray: 881caa54dbaab4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| tally.so/_next/static/chunks/framework-314c182fa7e2bf37.js | 188.114.97.1 | 200 OK | 141 kB |
URL: GET HTTP/3 tally.so/_next/static/chunks/framework-314c182fa7e2bf37.js
IP: 188.114.97.1:443
Requested by: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Certificate: Issuer: Google Trust Services LLC; Subject: tally.so; Fingerprint: 53:0A:04:22:C1:00:28:BE:81:A3:86:0F:27:E7:F0:7C:34:72:94:86; Validity: Tue, 23 Apr 2024 21:02:13 GMT - Mon, 22 Jul 2024 21:02:12 GMT
File type: JavaScript source, ASCII text, with very long lines (65200)
Size: 141 kB (141007 bytes)
Hash: ca12f319f3862c6aa595ce4c0e8eb4d4 be9bdde9d64cd7d08615070413a7726ae17ddc90 fff0bdb3f70b85b820a949503a24610fb007cf4582f1e67f4835a14de511d50f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/framework-314c182fa7e2bf37.js HTTP/1.1
Host: tally.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tally.so/embed/meMYPk?alignLeft=1&hideTitle=1&transparentBackground=1&dynamicHeight=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 20:26:39 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Wed, 24 Apr 2024 08:26:23 GMT
etag: W/"226cf-18f0f368798"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 870473
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LV3%2Fs3p7z1sZzJT9MSGuh0mB4Gz9zGdaGCPHQr1xaVtN18oEu8maaXnu9wROJhNGEfvJ7tRkH5uS2nypDuLKDgrVTdnGCy4x5v0b3xsL1BoKMFF4T1x0wPsRhA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881caa5b9f230b4d-OSL
alt-svc: h3=":443"; ma=86400
|
|