Report - my.teamos.xyz/0012113ff1b819a74f9aac588554b26b/announce7:comment39:Downloaded

Report Overview

Submitted URL
my.teamos.xyz/0012113ff1b819a74f9aac588554b26b/announce7:comment39:Downloaded
IP
104.21.71.43
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-18 18:55:49
Access
public
Website Title
Team OS : Your Only Destination To Custom OS !!
Final URL
www.teamos.xyz/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-18	429 B	32 kB	142.250.74.170
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12	2024-04-17	2.4 kB	479 kB	45.133.44.9
teamos.xyz	unknown	2022-01-12	2022-01-13	2024-04-15	467 B	174 kB	172.67.143.25
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-18	874 B	162 kB	142.250.74.72
my.teamos.xyz	unknown	2022-01-12	2022-04-13	2024-03-31	533 B	174 kB	172.67.143.25
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-18	1.1 kB	98 kB	142.250.74.99
instrumenttactics.com	unknown	2022-01-23	2022-01-23	2024-03-25	1.3 kB	54 kB	172.240.108.76
stuffintolerableillicit.com	unknown	unknown	No data	No data	7.8 kB	22 kB	172.240.108.68
momclumsycamouflage.com	unknown	unknown	No data	No data	2.5 kB	5.6 kB	192.243.59.13
secure.gravatar.com	1671	2004-07-15	2012-05-22	2024-04-17	458 B	2.5 kB	192.0.73.2
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24	2024-04-17	494 B	20 kB	104.16.80.73
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04	2024-04-17	411 B	87 kB	172.67.180.87
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-18	436 B	10 kB	142.250.74.74
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-04-18	429 B	421 B	18.198.46.224
www.teamos.xyz	unknown	2022-01-12	2022-04-13	2024-04-10	14 kB	1.5 MB	172.67.143.25

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	instrumenttactics.com	Sinkholed
2024-04-18	medium	instrumenttactics.com	Sinkholed
2024-04-18	medium	instrumenttactics.com	Sinkholed
2024-04-18	medium	stuffintolerableillicit.com	Sinkholed
2024-04-18	medium	stuffintolerableillicit.com	Sinkholed
2024-04-18	medium	stuffintolerableillicit.com	Sinkholed
2024-04-18	medium	momclumsycamouflage.com	Sinkholed
2024-04-18	medium	momclumsycamouflage.com	Sinkholed
2024-04-18	medium	stuffintolerableillicit.com	Sinkholed
2024-04-18	medium	stuffintolerableillicit.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (26)

	URL	Size	First Seen	Last Seen
	instrumenttactics.com/a1/e8/91/a1e8916f3df739635783bc00fa07bfe6.js	81 kB	2024-04-18	2024-04-18
Pretty URL instrumenttactics.com/a1/e8/91/a1e8916f3df739635783bc00fa07bfe6.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 20:55:58 Last Seen2024-04-18 20:55:59 Times Seen2 Hash 476a5da1cedfe709cb2ceab930a365bf f595cf62a9e2ba3c35c663cc9a9dd1f53dae69a6 a83d3ea47aea87d41006516f0156ad8f1b4430bb8eae9bff3d027996bd98897a Loading...

	www.googletagmanager.com/gtag/js?id=G-ZMK4J7B2XT&l=dataLayer&cx=c	249 kB	2024-04-18	2024-04-18
Pretty URL www.googletagmanager.com/gtag/js?id=G-ZMK4J7B2XT&l=dataLayer&cx=c IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 20:55:58 Last Seen2024-04-18 20:55:59 Times Seen2 Hash 587677af684f3870f8f2670487731915 1688d5fb1b84ba0244ace895554fe948894f5bd8 906f47f3a60f6cc40b95fba6363c5b537143cc06fb2be01cfb0b2f426ea99698 Loading...

	unknown	3.3 kB	2024-04-18	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 20:55:58 Last Seen2024-04-18 20:55:58 Times Seen1 Hash 014d88c85cd5aafe8177b97de9ceb07b b91fbb2bfaad864247a968a39bb52c14088bb482 2d586e665aac12e533a2b9e6e6e7e6635a7b5e0f97156e461475c5862f9470e8 Loading...

	www.teamos.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	12 kB	2023-03-07	2024-05-01
Pretty URL www.teamos.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 172.67.143.25 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-01 15:19:43 Times Seen43390 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-01
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-01 15:10:33 Times Seen343236 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.teamos.xyz/sandbox%20eval%20code	147 B	2023-04-11	2024-05-01
Pretty URL www.teamos.xyz/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-01 15:10:32 Times Seen343741 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	unknown	2.1 kB	2023-03-07	2024-04-30
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:02 Last Seen2024-04-30 13:38:56 Times Seen260 Hash 3a3fa1f807c678e04fa94fa684069231 c26e333abe0f139338a79d09557d433bab245107 95464e5d88d803be95b2ee15ce8668f1dc99b75f6aadd4379bc9fbcfba665ba5 Loading...

	unknown	14 kB	2023-03-07	2024-04-30
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:02 Last Seen2024-04-30 13:38:56 Times Seen257 Hash b5bf3196e186c65f858bc7e486cf9cba 917caf23e7cac4ba0613ae06e6bf1b72c0e69c98 bb8411520f5e4a207375f13c7266dbdf5fb56fd58fa695c0d486ddf476346d02 Loading...

	unknown	357 B	2023-03-12	2024-04-30
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 15:17:48 Last Seen2024-04-30 13:38:56 Times Seen257 Hash 00f88953f2d2d6770a8c26b60786c7a6 6cafe6508c1f114bf474f948fc6776a6131f3a72 1d996072b68082027d84ea8ccd0588497eb43fbfc4a2b2225bb443ff1424f4cc Loading...

	unknown	109 B	2024-04-13	2024-04-29
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-13 00:57:00 Last Seen2024-04-29 04:36:19 Times Seen11 Hash 7ed74a97f1b51107642cbd354e8e9537 368722c30c49ed7ad343dd7986cc1e975ff7473b bdbbe3d74c92fb34f7cf7f5b502d5a0f9c5c91129b2fc95bc836c3eb10a8cf90 Loading...

	www.teamos.xyz/js/vendor/vendor-compiled.js?_v=099e916e	43 kB	2023-03-07	2024-04-30
Pretty URL www.teamos.xyz/js/vendor/vendor-compiled.js?_v=099e916e IP 172.67.143.25 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:26:34 Last Seen2024-04-30 13:38:56 Times Seen764 Hash 372b0c5f17990ad741c3d02593f63fe8 4e577cb859755cbf104a2334e6307a5291558689 ef5f0b7e161099d503298ab2d66a927f48401f992d188cd04415419b41dcd0b1 Loading...

	static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793	19 kB	2024-04-17	2024-05-01
Pretty URL static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 IP 104.16.80.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 04:05:01 Last Seen2024-05-01 15:11:52 Times Seen1409 Hash 3be93fd15d2f7dee2fc0c8981c6fa5c6 8cd88c36fad3e96641dbc4d781f5ddbe5123312f 17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee Loading...

	instrumenttactics.com/7326f362b41f2b6bdb387bd9014ae95b/invoke.js	27 kB	2024-04-18	2024-04-18
Pretty URL instrumenttactics.com/7326f362b41f2b6bdb387bd9014ae95b/invoke.js IP 172.240.108.76 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 20:55:58 Last Seen2024-04-18 20:55:58 Times Seen2 Hash 85282a9b7e3f9c844940b7f306787ec0 7c67b8bd64f9308b4782107bfbb494f69bad3cd2 24bc6f21f7b142ca142fb2bc40733f1a89418597d0c4c7f7d614936f3015b9e9 Loading...

	unknown	145 B	2023-03-12	2024-04-30
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 15:17:49 Last Seen2024-04-30 13:38:56 Times Seen255 Hash 56345684a4f92ef41f648d4d85464d99 a8c16ba1be3fb3c3dc7eff8358d223fc86cc3bde aa59fc72954112cea004fa466abb1ad524db3fa8321764f9699745769aea8d95 Loading...

	www.teamos.xyz/js/xf/preamble.min.js?_v=099e916e	3.4 kB	2023-03-09	2024-04-30
Pretty URL www.teamos.xyz/js/xf/preamble.min.js?_v=099e916e IP 172.67.143.25 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:27:16 Last Seen2024-04-30 13:38:56 Times Seen644 Hash 57c077607d1b4ba5bfeac6740d6e9576 8ce714d869d8f3b46eb3a7c7689920e1a85b0808 c803ce6d437915781a624a97755010f88deffd73bcf1a8e40fe98fc2d0e1ca3d Loading...

	instrumenttactics.com/ae333e82cfaead9ba22e64954c139352/invoke.js	31 kB	2024-04-18	2024-04-18
Pretty URL instrumenttactics.com/ae333e82cfaead9ba22e64954c139352/invoke.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 20:55:58 Last Seen2024-04-18 20:55:59 Times Seen2 Hash f523e84049a4f65e9413fee631270b76 7a58528b8ca2b612690a9e32afd6a93375e15597 f51c340845f3071a4f4f689f2a9fe31a7c3b24adb144264bb0879bfb4c6930b6 Loading...

	www.teamos.xyz/js/xf/notice.min.js?_v=099e916e	3.7 kB	2023-03-09	2024-04-30
Pretty URL www.teamos.xyz/js/xf/notice.min.js?_v=099e916e IP 172.67.143.25 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:27:16 Last Seen2024-04-30 13:38:56 Times Seen649 Hash b725cc9681612e5c4a6de094bbe33bd9 c2bd0760c401cf86e15fc2b941b14fa7901633e3 a5dcfd1d44af85302c19886c111e277273cca860febaae5f8cdb0de61733b44b Loading...

	unknown	4.9 kB	2024-04-18	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 20:55:58 Last Seen2024-04-18 20:55:58 Times Seen1 Hash bf09795207fa53cdbe84a038c04ed547 915f63c824757d47a0cd9f4c55daa5fb0f8a54b7 235ef837141410c9d0db2ef144aa325e4d3694c28082c3e309fffc039b3bf68b Loading...

	unknown	206 B	2023-03-07	2024-04-30
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:02 Last Seen2024-04-30 13:38:56 Times Seen257 Hash 2700edffedbdaa40ab6a216ae8ced12f 573cb508bb36874954aa08c362370776cf73963c 35725d60531c253a1c499e18c6164aa07bcd1da0fa6e20e193b427e5970d8d09 Loading...

	unknown	710 B	2023-03-07	2024-04-30
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:02 Last Seen2024-04-30 13:38:56 Times Seen257 Hash 44f474ad795f2c9a6ba3e00ba7d3e0ce fca7a12113dc770c62721146decd70697384e78f b23f5c96634b513c51b13397c53b235960fed3f771e72923c0d557e4e0830e5c Loading...

	downstairsnegotiatebarren.com/sfp.js	86 kB	2024-03-29	2024-05-01
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 172.67.180.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 13:13:34 Last Seen2024-05-01 15:21:28 Times Seen1495 Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Loading...

	www.googletagmanager.com/gtag/js?id=UA-77872044-1	202 kB	2024-04-18	2024-04-18
Pretty URL www.googletagmanager.com/gtag/js?id=UA-77872044-1 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 20:55:58 Last Seen2024-04-18 20:55:58 Times Seen2 Hash 49869a9c370092dbb685475deb24c487 49221aca8862207988ee3f6ce3c9f5c66763876b d3492b0693dd3243f0e3ee92c80b3d181f4488d13641042874c960bfee853b94 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-05-01
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-01 14:49:00 Times Seen140584 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	www.teamos.xyz/js/xf/core-compiled.js?_v=099e916e	214 kB	2023-03-12	2024-04-30
Pretty URL www.teamos.xyz/js/xf/core-compiled.js?_v=099e916e IP 172.67.143.25 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 15:31:50 Last Seen2024-04-30 13:38:56 Times Seen619 Hash d0ab265a4f68a45efc52408bd69a7f25 c57033113a290427c17a5cd1c94b1829aac06fed abedeb2dbbfa0642370887c7fd082a1774f4e1f8129a4d9adba2908fe9e8b4d3 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 2711fceaffbc4adbdef1e52afbde54de	15 kB	2023-03-07	2024-04-30
Pretty Observations First Seen2023-03-07 12:28:02 Last Seen2024-04-30 13:38:56 Times Seen296 Hash 2711fceaffbc4adbdef1e52afbde54de 62a2235b484940a2478213c3ff460153c3071fc3 21d093407e762467a0eb2435e960d0848f2a22eaa9c174a751b0a2203ec0fff7 Loading...

	#2 Eval - 4f10176ad76307e8a22ba3615af86532	2.1 kB	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 20:55:58 Last Seen2024-04-18 20:55:58 Times Seen1 Hash 4f10176ad76307e8a22ba3615af86532 afe88bd1773ce2d145136c6f7fd03c5105e49983 7c767900d75859d12790ab724c79ed7ae25d07093ba1fb261051e2e08134b1e3 Loading...

HTTP Transactions (50)

URL IP Response Size

www.teamos.xyz/data/assets/logo/TeamOSBanner.png

172.67.143.25

200 OK

42 kB

URL GET HTTP/3
www.teamos.xyz/data/assets/logo/TeamOSBanner.png
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
PNG image data, 440 x 190, 8-bit/color RGBA, non-interlaced
Size
42 kB (41495 bytes)
Hash
6d2647b327cb54f616dcbec207599df0
4e3e0baad833e44a3eb1e2052d3e78fd828180bf
b6201f6ed7ee1358eaad1b0dc43a16dd215f1175ceef43a3169c2e51b3a737a8

HTTP Headers

GET /data/assets/logo/TeamOSBanner.png HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=LGNiOjfiqNgnReRN; xf_session=OGefBrY133eJxitSRpvZIOmaNY3lLUSw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 18:55:23 GMT
content-type: image/png
content-length: 41495
last-modified: Sun, 08 Jan 2023 06:26:05 GMT
etag: "63ba61fd-a217"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2682
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hVyim2mYpb50f0VKv7Kjf2GOmf7bfGCXHLilLgpj9esS8YrNipiMIZmN7oiticqTC1eoY8qVCESCuG9AOY8%2FP2b4JmVzYY7E%2BHle6W0u4Q1qi3lxeZ8GHYKSjHiBRKVCfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766de68db6456b7-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/styles/fonts/fa/fa-regular-400.woff2?_v=5.15.3

172.67.143.25

200 OK

169 kB

URL GET HTTP/3
www.teamos.xyz/styles/fonts/fa/fa-regular-400.woff2?_v=5.15.3
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
Web Open Font Format (Version 2), TrueType, length 168768, version 331.-31261
Size
169 kB (168768 bytes)
Hash
d8689b99dce7c881d3130f3c91cfefdf
fb005c93930c13b3a5f449bbc75ba5ee23f609fa
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938

HTTP Headers

GET /styles/fonts/fa/fa-regular-400.woff2?_v=5.15.3 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.teamos.xyz/
DNT: 1
Connection: keep-alive
Cookie: xf_csrf=LGNiOjfiqNgnReRN; xf_session=OGefBrY133eJxitSRpvZIOmaNY3lLUSw
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 18:55:23 GMT
content-type: font/woff2
content-length: 168768
last-modified: Thu, 08 Dec 2022 23:00:00 GMT
etag: "63926c70-29340"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zngm71ypQ4jxtzC0NfA5WBRBGPQu%2FqM64Ttw8qmvshFXFGkuGRgknlGBkdtBMPm4f1tIa0q95NSMCAlFDHsYHcu8%2FN9kgd3GoiuwbLCg9x818%2FmL82PCb%2FSLx1kfGp0JeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766de68cb4656b7-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/styles/fonts/fa/fa-solid-900.woff2?_v=5.15.3

172.67.143.25

200 OK

137 kB

URL GET HTTP/3
www.teamos.xyz/styles/fonts/fa/fa-solid-900.woff2?_v=5.15.3
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
Web Open Font Format (Version 2), TrueType, length 136824, version 331.-31261
Size
137 kB (136824 bytes)
Hash
978b27ec5d8b81d2b15aa28aaaae1fcb
76625967fe113a088e0627605b9d1bbfb8a5e47c
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c

HTTP Headers

GET /styles/fonts/fa/fa-solid-900.woff2?_v=5.15.3 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.teamos.xyz/
DNT: 1
Connection: keep-alive
Cookie: xf_csrf=LGNiOjfiqNgnReRN; xf_session=OGefBrY133eJxitSRpvZIOmaNY3lLUSw
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 18:55:23 GMT
content-type: font/woff2
content-length: 136824
last-modified: Thu, 08 Dec 2022 23:00:00 GMT
etag: "63926c70-21678"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ptiaV0h3mfV8xPBX478fthP3N5z6fbtPdd5GGLhYYQ8DQCIyDOBSzuq8KoJueuFZcsPyPnJ0271su26y0O68xcxXpPEtGl31XWdMkrShjU9l9dYz8KwXuFo0qHkq8nP%2B7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766de68cb4c56b7-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/styles/fonts/fa/fa-brands-400.woff2?_v=5.15.3

172.67.143.25

200 OK

77 kB

URL GET HTTP/3
www.teamos.xyz/styles/fonts/fa/fa-brands-400.woff2?_v=5.15.3
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
Web Open Font Format (Version 2), TrueType, length 76740, version 331.-31261
Size
77 kB (76740 bytes)
Hash
0511670fe2f5405105a6760294c5c51d
61cb879dec4fa97ece0d2a26cd6767c66117841b
c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388

HTTP Headers

GET /styles/fonts/fa/fa-brands-400.woff2?_v=5.15.3 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.teamos.xyz/
DNT: 1
Connection: keep-alive
Cookie: xf_csrf=LGNiOjfiqNgnReRN; xf_session=OGefBrY133eJxitSRpvZIOmaNY3lLUSw
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 18:55:23 GMT
content-type: font/woff2
content-length: 76740
last-modified: Thu, 08 Dec 2022 23:00:00 GMT
etag: "63926c70-12bc4"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lAaLI%2FR7HFegg650OTJyl%2Fx7RTTFEbE6qLZ%2Fgaluve0u99dm8XICjE56gRNkZ8D6PFNbYcwN4YtSrz7SgqPTLums5U%2Byisd%2BTNPPx3Zg4a4GgEp0wfJswIhiJdNSjoK2sw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766de68db5356b7-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/images/dUy8t.gif

172.67.143.25

200 OK

23 kB

URL GET HTTP/3
www.teamos.xyz/images/dUy8t.gif
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
GIF image data, version 89a, 90 x 68
Size
23 kB (22768 bytes)
Hash
38be94eee10c04d248dc14b49a940b93
9d4fece605fc55c0ca18443c3018da3c34e40f05
8928b33dafb9036f74c4298b1e4097b90844fbed60bd41b8b9e3bbe4dcbda25b

HTTP Headers

GET /images/dUy8t.gif HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=8&l=1&d=1713088796&k=034405c740f279c15adbbc41dfccb627ca90db04
Cookie: xf_csrf=LGNiOjfiqNgnReRN; xf_session=OGefBrY133eJxitSRpvZIOmaNY3lLUSw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 18:55:23 GMT
content-type: image/gif
content-length: 22768
last-modified: Sun, 07 May 2023 10:55:46 GMT
etag: "645783b2-58f0"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2682
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yMGz1zvj6hMyFwWr0fP560eTS5SyrnECwdduDUszOAnZ9c1jFoB6sJdi%2F%2BcizXdRIQ0Iy0IMGrdyBx4MHmcK2PVUuy94WkeSS%2BCVSwCEckecPh9By7T4%2F1cDWa8yB%2FbegQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766de6a6d1a56b7-OSL
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=UA-77872044-1

142.250.74.72

200 OK

73 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-77872044-1
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
73 kB (72940 bytes)
Hash
49869a9c370092dbb685475deb24c487
49221aca8862207988ee3f6ce3c9f5c66763876b
d3492b0693dd3243f0e3ee92c80b3d181f4488d13641042874c960bfee853b94

HTTP Headers

GET /gtag/js?id=UA-77872044-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 18:55:23 GMT
expires: Thu, 18 Apr 2024 18:55:23 GMT
cache-control: private, max-age=900
last-modified: Thu, 18 Apr 2024 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72940
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.170

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 09:56:44 GMT
expires: Wed, 16 Apr 2025 09:56:44 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 205119
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.teamos.xyz/js/xf/core-compiled.js?_v=099e916e

172.67.143.25

200 OK

110 kB

URL GET HTTP/3
www.teamos.xyz/js/xf/core-compiled.js?_v=099e916e
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
JavaScript source, ASCII text, with very long lines (16424)
Size
110 kB (109723 bytes)
Hash
d0ab265a4f68a45efc52408bd69a7f25
c57033113a290427c17a5cd1c94b1829aac06fed
abedeb2dbbfa0642370887c7fd082a1774f4e1f8129a4d9adba2908fe9e8b4d3

HTTP Headers

GET /js/xf/core-compiled.js?_v=099e916e HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=LGNiOjfiqNgnReRN; xf_session=OGefBrY133eJxitSRpvZIOmaNY3lLUSw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 18:55:23 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=213917
etag: W/"63926c70-3439d"
expires: Fri, 19 Apr 2024 08:41:06 GMT
last-modified: Thu, 08 Dec 2022 23:00:00 GMT
strict-transport-security: max-age=15768000
vary: Accept-Encoding
cf-cache-status: HIT
age: 82214
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PQKFwdULMDzDyeRPccc0EQIxLRIOiysJt85KwKyRNloQXcgbDBEKu8iLC3mjPNlQRdGzmhT3m%2BPINAQ8ws9wXyogCBVDeZOpJ4yuFGh5RUBggjVPhWTvbiNDAFZmpU%2FeFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8766de6a9d4b56b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/js/vendor/vendor-compiled.js?_v=099e916e

172.67.143.25

200 OK

61 kB

URL GET HTTP/3
www.teamos.xyz/js/vendor/vendor-compiled.js?_v=099e916e
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
JavaScript source, ASCII text, with very long lines (15908)
Size
61 kB (60961 bytes)
Hash
372b0c5f17990ad741c3d02593f63fe8
4e577cb859755cbf104a2334e6307a5291558689
ef5f0b7e161099d503298ab2d66a927f48401f992d188cd04415419b41dcd0b1

HTTP Headers

GET /js/vendor/vendor-compiled.js?_v=099e916e HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=LGNiOjfiqNgnReRN; xf_session=OGefBrY133eJxitSRpvZIOmaNY3lLUSw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 18:55:23 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=43704
etag: W/"63926c70-aab8"
expires: Fri, 19 Apr 2024 08:41:06 GMT
last-modified: Thu, 08 Dec 2022 23:00:00 GMT
strict-transport-security: max-age=15768000
vary: Accept-Encoding
cf-cache-status: HIT
age: 555132
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zryw6J9dds1VQl%2BFDkvL0obMM4BwjfGWJcsGJPw7eBZNpdq98GdqjR%2FkN%2F2n5Bf3pUATvWCMsJzTakqQtIw%2Bh%2Bsoj3IRW0%2FCPSAcdXhX2LNs1%2BtPVF0yfUxLjWL%2BMnOVWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8766de6a9d4e56b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

instrumenttactics.com/7326f362b41f2b6bdb387bd9014ae95b/invoke.js

172.240.108.76

200 OK

9.8 kB

URL GET HTTP/1.1
instrumenttactics.com/7326f362b41f2b6bdb387bd9014ae95b/invoke.js
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectinstrumenttactics.com
FingerprintB3:B4:C7:34:36:45:7C:C8:57:0A:23:0A:32:B1:C8:72:96:4D:85:25
ValidityThu, 14 Mar 2024 07:34:53 GMT - Wed, 12 Jun 2024 07:34:52 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (26636), with no line terminators
Size
9.8 kB (9804 bytes)
Hash
85282a9b7e3f9c844940b7f306787ec0
7c67b8bd64f9308b4782107bfbb494f69bad3cd2
24bc6f21f7b142ca142fb2bc40733f1a89418597d0c4c7f7d614936f3015b9e9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /7326f362b41f2b6bdb387bd9014ae95b/invoke.js HTTP/1.1
Host: instrumenttactics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 18:55:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7b9228c1b3b7660154585e5481818a4c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.teamos.xyz/data/avatars/s/86/86944.jpg?1703619014

172.67.143.25

200 OK

1.0 kB

URL GET HTTP/3
www.teamos.xyz/data/avatars/s/86/86944.jpg?1703619014
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
PNG image data, 48 x 48, 8-bit colormap, non-interlaced
Size
1.0 kB (1015 bytes)
Hash
b8d640536f661ae127bcababccd0ebd9
da748443dd5f255ac38fae38470328f2bb65ebf1
524e705c6241d6e1c8e8a5843f33ceba1075dbf35fc7d551c47282e83ebcbe0d

HTTP Headers

GET /data/avatars/s/86/86944.jpg?1703619014 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=LGNiOjfiqNgnReRN; xf_session=OGefBrY133eJxitSRpvZIOmaNY3lLUSw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 18:55:23 GMT
content-type: image/jpeg
content-length: 1015
last-modified: Tue, 26 Dec 2023 19:30:14 GMT
etag: "658b29c6-3f7"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1220
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6V466sC8JqNMIY9e10nvkpVsKAjwYknkk949PqSEZ2Dv6boQwMl9Geak%2BT9Djpoi7BN5kyDEMuur7EWsnAVQM9jTWTkXKJHbWK%2BmEkWzySLPSnvtw%2FYXEQTCJcDA5nn4eg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766de6c8f4d56b7-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/data/avatars/s/74/74636.jpg?1710952122

172.67.143.25

200 OK

678 B

URL GET HTTP/3
www.teamos.xyz/data/avatars/s/74/74636.jpg?1710952122
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 48x48, components 3
Size
678 B (678 bytes)
Hash
6607026ed7631e3b1978eb37eca1c60a
23b65457b67b15f478c6f935a3dbc33799261c9e
24573e250e5e30191561f45c7daf5ed12855753a76d633460a5bf68cd78ba107

HTTP Headers

GET /data/avatars/s/74/74636.jpg?1710952122 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=LGNiOjfiqNgnReRN; xf_session=OGefBrY133eJxitSRpvZIOmaNY3lLUSw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 18:55:23 GMT
content-type: image/jpeg
content-length: 678
last-modified: Wed, 20 Mar 2024 16:28:42 GMT
etag: "65fb0eba-2a6"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1220
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xF%2F%2BaXhljwc6QBPScD1aFuLPpO513oAhAjADYIAAo5zhL1ECJJZ%2BZ0mZUH1PUj%2BCgzGLzwWA3t6L3%2Blb9G3EhpltA17Eb7dl1fXFDYu4iDx6CBy7gExDS4Boen3qPy%2F02Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766de6c8f5556b7-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/js/xf/preamble.min.js?_v=099e916e

172.67.143.25

200 OK

2.1 kB

URL GET HTTP/3
www.teamos.xyz/js/xf/preamble.min.js?_v=099e916e
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
JavaScript source, ASCII text, with very long lines (546)
Size
2.1 kB (2073 bytes)
Hash
57c077607d1b4ba5bfeac6740d6e9576
8ce714d869d8f3b46eb3a7c7689920e1a85b0808
c803ce6d437915781a624a97755010f88deffd73bcf1a8e40fe98fc2d0e1ca3d

HTTP Headers

GET /js/xf/preamble.min.js?_v=099e916e HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=LGNiOjfiqNgnReRN; xf_session=OGefBrY133eJxitSRpvZIOmaNY3lLUSw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 18:55:23 GMT
content-type: application/javascript
last-modified: Thu, 08 Dec 2022 23:00:00 GMT
vary: Accept-Encoding
etag: W/"63926c70-d33"
expires: Fri, 19 Apr 2024 08:41:06 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 555132
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l4aMisy%2FdZC%2FKaZGQs2%2BCdGE3qUo9YPOnzmEgyp%2F4EL63RUk9tmjdSws%2F4U72C97wcatmkgknGwGEhaKUzVGykzTqf4OjSBwBsDns0cDzLY0HJQRUL0yvfmyO7s3EgePJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8766de6abd7d56b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/data/avatars/s/1223/1223980.jpg?1713380835

172.67.143.25

200 OK

6.1 kB

URL GET HTTP/3
www.teamos.xyz/data/avatars/s/1223/1223980.jpg?1713380835
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
6.1 kB (6072 bytes)
Hash
90d413b053ea81ad05c5d9690c032a07
c45d5cbc499d2e9a40c0511dfeeefee8749a07f6
15ae5469d94e382941f446c97dec81f1b4cc41acce884fc413788575d1c92b4b

HTTP Headers

GET /data/avatars/s/1223/1223980.jpg?1713380835 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=LGNiOjfiqNgnReRN; xf_session=OGefBrY133eJxitSRpvZIOmaNY3lLUSw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 18:55:23 GMT
content-type: image/jpeg
content-length: 6072
last-modified: Wed, 17 Apr 2024 19:07:15 GMT
etag: "66201de3-17b8"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1510
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QB1BqyEg2Un7ZW6QM%2BE9ECeCsE%2ByrTljSNBvsOkcz%2F7wTO150GPmqdYH4knxcrgZpR%2FTQUZRXRqNf56IZhjv35RamezNtnL5Yug4juc7P0AYJ0CrDF2C4n6bdglF6Tz6ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766de6c8f6756b7-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/data/avatars/s/10/10154.jpg?1710632396

172.67.143.25

200 OK

2.0 kB

URL GET HTTP/3
www.teamos.xyz/data/avatars/s/10/10154.jpg?1710632396
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 48x48, components 3
Size
2.0 kB (1962 bytes)
Hash
1ae90eb6ef7b7b1f2e89b12bc6e186e5
760bdb0af23e710f1c21b8055fd884c3bb5c230c
5107dc58275b02e4e30fd32ac7d95ff9acf247a78ced068285ad97813e378a60

HTTP Headers

GET /data/avatars/s/10/10154.jpg?1710632396 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=LGNiOjfiqNgnReRN; xf_session=OGefBrY133eJxitSRpvZIOmaNY3lLUSw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 18:55:23 GMT
content-type: image/jpeg
content-length: 1962
last-modified: Sat, 16 Mar 2024 23:39:58 GMT
etag: "65f62dce-7aa"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1220
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tvlvatk4JaCJzKBI9blI4PsMIzWetlLo39CDt84mgwc2QP2Mh2WgQg6XrvkuRkwb6EAgfwK%2Fk%2BsxhLMNA2r30AdhgsBtmcUZX3XXbIZtHAF8vn0Ph188NN59YDR76brw3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766de6c8f6c56b7-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/data/avatars/s/1183/1183274.jpg?1711477529

172.67.143.25

200 OK

5.4 kB

URL GET HTTP/3
www.teamos.xyz/data/avatars/s/1183/1183274.jpg?1711477529
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
5.4 kB (5355 bytes)
Hash
2df3914be8bfd5e905fd2464b0015472
5961e0b0e061d69ec35ef479155f795133b40c00
7f3b5d64eb459a561537327eea8908592de860d7b98944affa028af38ed2aa10

HTTP Headers

GET /data/avatars/s/1183/1183274.jpg?1711477529 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=LGNiOjfiqNgnReRN; xf_session=OGefBrY133eJxitSRpvZIOmaNY3lLUSw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 18:55:23 GMT
content-type: image/jpeg
content-length: 5355
last-modified: Tue, 26 Mar 2024 18:25:29 GMT
etag: "66031319-14eb"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5167
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hhfG9Xjr%2FvkjK3Yc%2FNc4tmu9LtuLQfk1YOC8sFwqFi33hTxMEeQa0p9rZ8iniTR4pj3YgStCfQGrpkx3ANC0mAJxDt9TBmrHzhmWIdnKBCIenGujxCoG3I84VeFxq83QZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766de6c9f8756b7-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/data/avatars/s/1244/1244182.jpg?1712727528

172.67.143.25

200 OK

1.6 kB

URL GET HTTP/3
www.teamos.xyz/data/avatars/s/1244/1244182.jpg?1712727528
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 48x48, components 3
Size
1.6 kB (1621 bytes)
Hash
b2271a2753fe1e2e8850cb6bd2ad803b
ef06a77553587bcf39dbc203c6851a0c58887c17
2fda6fb8726e7834300f2e0d3fb900bc88cf8d325ade337035a39c83d297ee91

HTTP Headers

GET /data/avatars/s/1244/1244182.jpg?1712727528 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=LGNiOjfiqNgnReRN; xf_session=OGefBrY133eJxitSRpvZIOmaNY3lLUSw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 18:55:23 GMT
content-type: image/jpeg
content-length: 1621
last-modified: Wed, 10 Apr 2024 05:38:49 GMT
etag: "661625e9-655"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xrcqv0maWqG0KYK4aOTsbY98EG8Ze89UiYAVA7SUPjaSBXc%2FyL2jocrEujiGLK17mbJiPQmS8LcAQP671jaRrYwKl0iqJp%2Fnx6%2FKqAUSIuITitFSbuYKCv7dqZmfn29C9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766de6c9f8356b7-OSL
alt-svc: h3=":443"; ma=86400

proftrafficcounter.com/stats

18.198.46.224

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.198.46.224:443
ASN
#16509 AMAZON-02

Requested by
https://www.teamos.xyz/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
502c229aafac9936acccd7e3b735d170
89903cb273575768fbc45bd229cd42f7d2cc7404
b01a9dd85e5a71bf57f0088a0cb92f783a9a9a94fd0731a79feaff0e1eee0925

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 18:55:23 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.teamos.xyz
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=4e1b8767-c089-45ec-a3ca-ef09b8ef2339:3:1; expires=Sun, 16 Apr 2034 18:55:23 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-ZMK4J7B2XT&l=dataLayer&cx=c

142.250.74.72

200 OK

88 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-ZMK4J7B2XT&l=dataLayer&cx=c
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
88 kB (88163 bytes)
Hash
587677af684f3870f8f2670487731915
1688d5fb1b84ba0244ace895554fe948894f5bd8
906f47f3a60f6cc40b95fba6363c5b537143cc06fb2be01cfb0b2f426ea99698

HTTP Headers

GET /gtag/js?id=G-ZMK4J7B2XT&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 18:55:23 GMT
expires: Thu, 18 Apr 2024 18:55:23 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88163
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

instrumenttactics.com/a1/e8/91/a1e8916f3df739635783bc00fa07bfe6.js

192.243.59.13

200 OK

30 kB

URL GET HTTP/1.1
instrumenttactics.com/a1/e8/91/a1e8916f3df739635783bc00fa07bfe6.js
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectinstrumenttactics.com
FingerprintB3:B4:C7:34:36:45:7C:C8:57:0A:23:0A:32:B1:C8:72:96:4D:85:25
ValidityThu, 14 Mar 2024 07:34:53 GMT - Wed, 12 Jun 2024 07:34:52 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
30 kB (29765 bytes)
Hash
476a5da1cedfe709cb2ceab930a365bf
f595cf62a9e2ba3c35c663cc9a9dd1f53dae69a6
a83d3ea47aea87d41006516f0156ad8f1b4430bb8eae9bff3d027996bd98897a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /a1/e8/91/a1e8916f3df739635783bc00fa07bfe6.js HTTP/1.1
Host: instrumenttactics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 18 Apr 2024 18:55:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6b5ab5334379793c0fc72e9710540104
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

instrumenttactics.com/ae333e82cfaead9ba22e64954c139352/invoke.js

192.243.59.13

200 OK

12 kB

URL GET HTTP/1.1
instrumenttactics.com/ae333e82cfaead9ba22e64954c139352/invoke.js
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectinstrumenttactics.com
FingerprintB3:B4:C7:34:36:45:7C:C8:57:0A:23:0A:32:B1:C8:72:96:4D:85:25
ValidityThu, 14 Mar 2024 07:34:53 GMT - Wed, 12 Jun 2024 07:34:52 GMT

File type
JavaScript source, ASCII text, with very long lines (31307), with no line terminators
Size
12 kB (11845 bytes)
Hash
f523e84049a4f65e9413fee631270b76
7a58528b8ca2b612690a9e32afd6a93375e15597
f51c340845f3071a4f4f689f2a9fe31a7c3b24adb144264bb0879bfb4c6930b6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ae333e82cfaead9ba22e64954c139352/invoke.js HTTP/1.1
Host: instrumenttactics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 18 Apr 2024 18:55:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e91057fb870b5eea505a1bbc6cc50c7c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

fonts.googleapis.com/css?family=Open+Sans:400,700

142.250.74.74

200 OK

9.7 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,700
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
9.7 kB (9730 bytes)
Hash
cfd8c0e0b8df86390d84c4f09a7ee6cd
c0781c6c5cf1da056686b53c6ef6e76a00420729
29a1db6178534757c99fc3cd5800065132593c623ebeb0814ebaccef24d00731

HTTP Headers

GET /css?family=Open+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 18:55:23 GMT
date: Thu, 18 Apr 2024 18:55:23 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

stuffintolerableillicit.com/ntv.json?key=7326f362b41f2b6bdb387bd9014ae95b&vstc=4

172.240.108.68

200 OK

18 kB

URL GET HTTP/1.1
stuffintolerableillicit.com/ntv.json?key=7326f362b41f2b6bdb387bd9014ae95b&vstc=4
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectstuffintolerableillicit.com
FingerprintC9:2F:D9:D1:16:5D:26:11:12:28:33:9A:A1:46:8B:68:D2:38:4A:9A
ValidityTue, 16 Apr 2024 09:55:22 GMT - Mon, 15 Jul 2024 09:55:21 GMT

File type
JSON text data
Size
18 kB (17773 bytes)
Hash
aca12b6edb61bdfe05d928ba9894b9d4
05190651457893caeb7df2ff04e76b8913602269
32cc91f5e80115ec8e597941d5d454c30b0e55e20c16774353bcd2fbab2ba1ea

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ntv.json?key=7326f362b41f2b6bdb387bd9014ae95b&vstc=4 HTTP/1.1
Host: stuffintolerableillicit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 18:55:24 GMT
Content-Type: application/json
Content-Length: 17773
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.teamos.xyz
Access-Control-Allow-Origin: https://www.teamos.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17773605; expires=Fri, 19 Apr 2024 18:55:24 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 19 Apr 2024 18:55:24 GMT; secure; SameSite=None
uncs=1; expires=Fri, 19 Apr 2024 18:55:24 GMT; secure; SameSite=None
pdhtkv49=true; expires=Fri, 19 Apr 2024 18:55:24 GMT; secure; SameSite=None
uncs49=1; expires=Fri, 19 Apr 2024 18:55:24 GMT; secure; SameSite=None
nlec7326f362b41f2b6bdb387bd9014ae95b=[4991488,4991489,4991490]; expires=Thu, 18 Apr 2024 18:55:29 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8c91840cc80649d217f66383488e25fa
Strict-Transport-Security: max-age=0; includeSubdomains

www.teamos.xyz/cdn-cgi/rum?

172.67.143.25

204 No Content

0 B

URL POST HTTP/3
www.teamos.xyz/cdn-cgi/rum?
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1041
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=LGNiOjfiqNgnReRN; xf_session=OGefBrY133eJxitSRpvZIOmaNY3lLUSw; dom3ic8zudi28v8lr6fgphwffqoz0j6c=4e1b8767-c089-45ec-a3ca-ef09b8ef2339%3A3%3A1; _ga_ZMK4J7B2XT=GS1.1.1713466523.1.0.1713466523.0.0.0; _ga=GA1.1.1154666559.1713466524; m5a4xojbcp2nx3gptmm633qal3gzmadn=stuffintolerableillicit.com; pp_main_a1e8916f3df739635783bc00fa07bfe6=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Thu, 18 Apr 2024 18:55:24 GMT
access-control-allow-origin: https://www.teamos.xyz
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 8766de71dcd956b7-OSL
x-frame-options: DENY
x-content-type-options: nosniff

stuffintolerableillicit.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWgkRReuXub%2FDwqKYW97GQ%2BCLjLp7pn0ZNyDGGMkOG7WXUVvUtVVPSlT3dVWdU9P5hRckL0II3hZ8dD5JtnguohevLloZ0FkQchcJAdz9i4Ej9JjcPRBv%2Fe%2B972G771XH%2B%2FnZ8RHTk%2FX39RjqRRdXmm5zeff87xrzb5M8lFztBq8H3SuNc3wpV7Qcl9ovi7CHb3su57req7X3JBGRHq0XJOQ6YOe1%2Bq5rY7f8lY6GJn%2FYps7sNQBH56RJUg%2BazxyLkOGFZL4m3VhdzKdvvhanCuaaYMhP3on2Ul0kSBepJFxECVHF93Q9mTjIXRyOJcLPfynkckZcX56CJYcXYgEGx7MdTIFkYDxJ1EMKwhVQdIKob4NyU8IEHJc30IS37uuTUF3%2F2Zpzc5I4%2FwPyGJGGr9dRhJ%2FvabkqHlLqzyTOrEYRSXkqIIcVEjzY2TjS5DFMcLsI0j%2BC1k%2B7yOJD7as0pC8nM8uZQUZVVBiAmod5PUnHeSRgzx1EPPTZuh5XtflIXVXe2HY5l3BAu56tBt51HODVeRhLW%2BCLJ0gVBOEZg%2Bp2cOO%2FPRkZQkm%2FwF2u4TlDmw2I85bexjyEoUgKCxBQQkKSVBkBMWwPOTK%2Bra8x5XNmXcR%2FYvYLqc6G%2BzTQ50NREJAzQSGl%2FvpGXmmXpHzdOc57IjTZrftB1E78FnHi3wWMM7aq13Ge67XoaK3wmBlCWkvzaceyxm5cv4hUjkj%2F%2Fs9BaPHsOoYoVwCzT3QogTdLjFO7meCxtq2RrtjcF0izRrIdp19dUauzE%2FUTz6BCB%2BTC0NoSqSmxAfyEcFA3Zne1AU5uKkLS77dSjMZyzGtz3cro5n4%2F%2F03xG6hDd9ct5MvXwlrok4fvC1s1qcJl8nAkq%2FWJOfCbGgTCvL9pn1XsBu53V7LTZKn%2FRuvbmzGqRHWSp1UoPJk60%2BEckae%2BvW7%2Bbu8evdHSFPB5CXifKFU6gphugebLmpWExi1wCx1UOTl1PhsUVSSQIkFpqyE%2FRdmi3xqaP03leW%2BvYOBaYBmt5HEJYamxFCVoGoCmz8xzVLz%2BOWf79b2OZhqTJkyjQOmjPpsvuQZ6V8ltXNqdwlW1jdvuzTorXjdLhVd1vFXo8DjlPqdwA8C2kZmZ9Gz6ou%2FAAAA%2F%2F8BAAD%2F%2F3T4RbN7BAAA

172.240.108.68

200 OK

7 B

URL GET HTTP/1.1
stuffintolerableillicit.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWgkRReuXub%2FDwqKYW97GQ%2BCLjLp7pn0ZNyDGGMkOG7WXUVvUtVVPSlT3dVWdU9P5hRckL0II3hZ8dD5JtnguohevLloZ0FkQchcJAdz9i4Ej9JjcPRBv%2Fe%2B972G771XH%2B%2FnZ8RHTk%2FX39RjqRRdXmm5zeff87xrzb5M8lFztBq8H3SuNc3wpV7Qcl9ovi7CHb3su57req7X3JBGRHq0XJOQ6YOe1%2Bq5rY7f8lY6GJn%2FYps7sNQBH56RJUg%2BazxyLkOGFZL4m3VhdzKdvvhanCuaaYMhP3on2Ul0kSBepJFxECVHF93Q9mTjIXRyOJcLPfynkckZcX56CJYcXYgEGx7MdTIFkYDxJ1EMKwhVQdIKob4NyU8IEHJc30IS37uuTUF3%2F2Zpzc5I4%2FwPyGJGGr9dRhJ%2FvabkqHlLqzyTOrEYRSXkqIIcVEjzY2TjS5DFMcLsI0j%2BC1k%2B7yOJD7as0pC8nM8uZQUZVVBiAmod5PUnHeSRgzx1EPPTZuh5XtflIXVXe2HY5l3BAu56tBt51HODVeRhLW%2BCLJ0gVBOEZg%2Bp2cOO%2FPRkZQkm%2FwF2u4TlDmw2I85bexjyEoUgKCxBQQkKSVBkBMWwPOTK%2Bra8x5XNmXcR%2FYvYLqc6G%2BzTQ50NREJAzQSGl%2FvpGXmmXpHzdOc57IjTZrftB1E78FnHi3wWMM7aq13Ge67XoaK3wmBlCWkvzaceyxm5cv4hUjkj%2F%2Fs9BaPHsOoYoVwCzT3QogTdLjFO7meCxtq2RrtjcF0izRrIdp19dUauzE%2FUTz6BCB%2BTC0NoSqSmxAfyEcFA3Zne1AU5uKkLS77dSjMZyzGtz3cro5n4%2F%2F03xG6hDd9ct5MvXwlrok4fvC1s1qcJl8nAkq%2FWJOfCbGgTCvL9pn1XsBu53V7LTZKn%2FRuvbmzGqRHWSp1UoPJk60%2BEckae%2BvW7%2Bbu8evdHSFPB5CXifKFU6gphugebLmpWExi1wCx1UOTl1PhsUVSSQIkFpqyE%2FRdmi3xqaP03leW%2BvYOBaYBmt5HEJYamxFCVoGoCmz8xzVLz%2BOWf79b2OZhqTJkyjQOmjPpsvuQZ6V8ltXNqdwlW1jdvuzTorXjdLhVd1vFXo8DjlPqdwA8C2kZmZ9Gz6ou%2FAAAA%2F%2F8BAAD%2F%2F3T4RbN7BAAA
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectstuffintolerableillicit.com
FingerprintC9:2F:D9:D1:16:5D:26:11:12:28:33:9A:A1:46:8B:68:D2:38:4A:9A
ValidityTue, 16 Apr 2024 09:55:22 GMT - Mon, 15 Jul 2024 09:55:21 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQWgkRReuXub%2FDwqKYW97GQ%2BCLjLp7pn0ZNyDGGMkOG7WXUVvUtVVPSlT3dVWdU9P5hRckL0II3hZ8dD5JtnguohevLloZ0FkQchcJAdz9i4Ej9JjcPRBv%2Fe%2B972G771XH%2B%2FnZ8RHTk%2FX39RjqRRdXmm5zeff87xrzb5M8lFztBq8H3SuNc3wpV7Qcl9ovi7CHb3su57req7X3JBGRHq0XJOQ6YOe1%2Bq5rY7f8lY6GJn%2FYps7sNQBH56RJUg%2BazxyLkOGFZL4m3VhdzKdvvhanCuaaYMhP3on2Ul0kSBepJFxECVHF93Q9mTjIXRyOJcLPfynkckZcX56CJYcXYgEGx7MdTIFkYDxJ1EMKwhVQdIKob4NyU8IEHJc30IS37uuTUF3%2F2Zpzc5I4%2FwPyGJGGr9dRhJ%2FvabkqHlLqzyTOrEYRSXkqIIcVEjzY2TjS5DFMcLsI0j%2BC1k%2B7yOJD7as0pC8nM8uZQUZVVBiAmod5PUnHeSRgzx1EPPTZuh5XtflIXVXe2HY5l3BAu56tBt51HODVeRhLW%2BCLJ0gVBOEZg%2Bp2cOO%2FPRkZQkm%2FwF2u4TlDmw2I85bexjyEoUgKCxBQQkKSVBkBMWwPOTK%2Bra8x5XNmXcR%2FYvYLqc6G%2BzTQ50NREJAzQSGl%2FvpGXmmXpHzdOc57IjTZrftB1E78FnHi3wWMM7aq13Ge67XoaK3wmBlCWkvzaceyxm5cv4hUjkj%2F%2Fs9BaPHsOoYoVwCzT3QogTdLjFO7meCxtq2RrtjcF0izRrIdp19dUauzE%2FUTz6BCB%2BTC0NoSqSmxAfyEcFA3Zne1AU5uKkLS77dSjMZyzGtz3cro5n4%2F%2F03xG6hDd9ct5MvXwlrok4fvC1s1qcJl8nAkq%2FWJOfCbGgTCvL9pn1XsBu53V7LTZKn%2FRuvbmzGqRHWSp1UoPJk60%2BEckae%2BvW7%2Bbu8evdHSFPB5CXifKFU6gphugebLmpWExi1wCx1UOTl1PhsUVSSQIkFpqyE%2FRdmi3xqaP03leW%2BvYOBaYBmt5HEJYamxFCVoGoCmz8xzVLz%2BOWf79b2OZhqTJkyjQOmjPpsvuQZ6V8ltXNqdwlW1jdvuzTorXjdLhVd1vFXo8DjlPqdwA8C2kZmZ9Gz6ou%2FAAAA%2F%2F8BAAD%2F%2F3T4RbN7BAAA HTTP/1.1
Host: stuffintolerableillicit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: u_pl=17773605; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec7326f362b41f2b6bdb387bd9014ae95b=[4991488,4991489,4991490]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 18:55:24 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 61c72bc2b5d60def11508cb96ca4211b
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.cloudimagesb.com/cti/03/ef/82/03ef82a9b88d6fa4f2360efbbfb7e630/1708444007.jpeg

45.133.44.9

200 OK

20 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/03/ef/82/03ef82a9b88d6fa4f2360efbbfb7e630/1708444007.jpeg
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3
Size
20 kB (20127 bytes)
Hash
92685449d59c945a46462fa1d5f2f068
4b1804b6e47ce6b81c54b4e7cd2e92411214f01f
3c04224c7d901f48986e99853da6d0e28090a5b889e8e56b4a6e643a7047f09d

HTTP Headers

GET /cti/03/ef/82/03ef82a9b88d6fa4f2360efbbfb7e630/1708444007.jpeg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 18:55:24 GMT
content-type: image/jpeg
content-length: 20127
server: nginx/1.21.6
last-modified: Tue, 20 Feb 2024 15:46:56 GMT
etag: "65d4c970-4e9f"
expires: Sat, 20 Apr 2024 18:55:24 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

stuffintolerableillicit.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwWskxReu3p3f5Scohtz2Mh4EXWTS3TPpybiHxRizBMfNuqvoTaq6eiZlqrvaqq7pyQgSXJC9LIzgRfHQ%2BSbZ4Los%2Bge4yGRBJCCkbzlswJt3IWfpMTj6oOq9732v4Hvv1Rd79oz4sPR07R01ElLSpeWGW3%2FlQ8%2B7Vu%2BKxA7rw5Xgo6B1ra4Hr3eChvtq%2FUYUbqsl3%2FVc13O9%2BrrQUU8NlyoSIn3U8Rodt9HyG95yC0P9X2ysA0Md8MEZWYDgZe2pswgRTpHEP6xFZjtT6WtvxVbSTGkM%2BOH7yXai8gTxPOxpB73k8KIaypysP4FKDmZyoQb%2FFDJREueXJ2DJ4YVIsMH%2BTCeTiBIw%2FhzywRSRnELQKUJ1F4KfECDkuLmJJH5wU%2Bmc7vzN0ootSe38T4i8JLVni0jix6tSDOt3lLSZUInBsFdADKcQ%2FSlSe4RsdAkiP0KYfQ7BfyNL510k8f6mkQqCF7PehZhC9KaQ0RjUOLDVEQ5sz4FNHcT8tB56ntd2eUjdlU4YNnk7YgF3PdruedRzgxXYsJI3RpaOEcoxQr2LVO9iW3x5srwAbX%2BG2SpguAOTlcR5dxcDXiCPCHJDkFOCXBDkGUE%2BKA64NL4pHnBpLPMuvH%2Fhm8VEZf09eqCyfpQQUD2G5sVeekZerEbkvNB6GdvRab3d9INeM%2FBZy%2Bv5LGCcNVfajHdcr0WjzjKDEQWEuTTreiRKcuX8E6SiJP%2F7IwWjRzDyCKFYALUeaF6AbhUYJQ%2BziMbKNIY7I3BVIM1qyHacPXlGrsxW1L3qIAqPr2ej3288XvwUoS6Q6gIfi6cEfXlvclvlZP%2B2yg35cTPNRCxGtFrfnYxm0eWHb0c7udJ8Y82Mv3sjrIgqfPReZLIuTbhI%2BoZ8vyo4j%2FS60mFEftowH0TsljVbq1YnNu3eenN9I051ZIxQyRRUlKR2vINQlOT5Z5%2FNfuZVex9CT6FtgdgekwuDUEcI012YdJ4zikDLOWbpZeS2mGifzZNSEMhojikrYP6F2TyeaFq9pqLYM%2FfQ1zXQ7C6SuMBAFxjIAlSOYez%2FJ1mqj6%2F%2F%2BnVl34DJ2oRJXdtnUsuvStJN7lezJrOBV9clGFFtvenSoLPstds0arOWv9ILPE6p3wr8IKBNZKbsvSS%2F%2FQsAAP%2F%2FAQAA%2F%2F%2BJ2%2FbifQQAAA%3D%3D

172.240.108.68

200 OK

7 B

URL GET HTTP/1.1
stuffintolerableillicit.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwWskxReu3p3f5Scohtz2Mh4EXWTS3TPpybiHxRizBMfNuqvoTaq6eiZlqrvaqq7pyQgSXJC9LIzgRfHQ%2BSbZ4Los%2Bge4yGRBJCCkbzlswJt3IWfpMTj6oOq9732v4Hvv1Rd79oz4sPR07R01ElLSpeWGW3%2FlQ8%2B7Vu%2BKxA7rw5Xgo6B1ra4Hr3eChvtq%2FUYUbqsl3%2FVc13O9%2BrrQUU8NlyoSIn3U8Rodt9HyG95yC0P9X2ysA0Md8MEZWYDgZe2pswgRTpHEP6xFZjtT6WtvxVbSTGkM%2BOH7yXai8gTxPOxpB73k8KIaypysP4FKDmZyoQb%2FFDJREueXJ2DJ4YVIsMH%2BTCeTiBIw%2FhzywRSRnELQKUJ1F4KfECDkuLmJJH5wU%2Bmc7vzN0ootSe38T4i8JLVni0jix6tSDOt3lLSZUInBsFdADKcQ%2FSlSe4RsdAkiP0KYfQ7BfyNL510k8f6mkQqCF7PehZhC9KaQ0RjUOLDVEQ5sz4FNHcT8tB56ntd2eUjdlU4YNnk7YgF3PdruedRzgxXYsJI3RpaOEcoxQr2LVO9iW3x5srwAbX%2BG2SpguAOTlcR5dxcDXiCPCHJDkFOCXBDkGUE%2BKA64NL4pHnBpLPMuvH%2Fhm8VEZf09eqCyfpQQUD2G5sVeekZerEbkvNB6GdvRab3d9INeM%2FBZy%2Bv5LGCcNVfajHdcr0WjzjKDEQWEuTTreiRKcuX8E6SiJP%2F7IwWjRzDyCKFYALUeaF6AbhUYJQ%2BziMbKNIY7I3BVIM1qyHacPXlGrsxW1L3qIAqPr2ej3288XvwUoS6Q6gIfi6cEfXlvclvlZP%2B2yg35cTPNRCxGtFrfnYxm0eWHb0c7udJ8Y82Mv3sjrIgqfPReZLIuTbhI%2BoZ8vyo4j%2FS60mFEftowH0TsljVbq1YnNu3eenN9I051ZIxQyRRUlKR2vINQlOT5Z5%2FNfuZVex9CT6FtgdgekwuDUEcI012YdJ4zikDLOWbpZeS2mGifzZNSEMhojikrYP6F2TyeaFq9pqLYM%2FfQ1zXQ7C6SuMBAFxjIAlSOYez%2FJ1mqj6%2F%2F%2BnVl34DJ2oRJXdtnUsuvStJN7lezJrOBV9clGFFtvenSoLPstds0arOWv9ILPE6p3wr8IKBNZKbsvSS%2F%2FQsAAP%2F%2FAQAA%2F%2F%2BJ2%2FbifQQAAA%3D%3D
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectstuffintolerableillicit.com
FingerprintC9:2F:D9:D1:16:5D:26:11:12:28:33:9A:A1:46:8B:68:D2:38:4A:9A
ValidityTue, 16 Apr 2024 09:55:22 GMT - Mon, 15 Jul 2024 09:55:21 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSwWskxReu3p3f5Scohtz2Mh4EXWTS3TPpybiHxRizBMfNuqvoTaq6eiZlqrvaqq7pyQgSXJC9LIzgRfHQ%2BSbZ4Los%2Bge4yGRBJCCkbzlswJt3IWfpMTj6oOq9732v4Hvv1Rd79oz4sPR07R01ElLSpeWGW3%2FlQ8%2B7Vu%2BKxA7rw5Xgo6B1ra4Hr3eChvtq%2FUYUbqsl3%2FVc13O9%2BrrQUU8NlyoSIn3U8Rodt9HyG95yC0P9X2ysA0Md8MEZWYDgZe2pswgRTpHEP6xFZjtT6WtvxVbSTGkM%2BOH7yXai8gTxPOxpB73k8KIaypysP4FKDmZyoQb%2FFDJREueXJ2DJ4YVIsMH%2BTCeTiBIw%2FhzywRSRnELQKUJ1F4KfECDkuLmJJH5wU%2Bmc7vzN0ootSe38T4i8JLVni0jix6tSDOt3lLSZUInBsFdADKcQ%2FSlSe4RsdAkiP0KYfQ7BfyNL510k8f6mkQqCF7PehZhC9KaQ0RjUOLDVEQ5sz4FNHcT8tB56ntd2eUjdlU4YNnk7YgF3PdruedRzgxXYsJI3RpaOEcoxQr2LVO9iW3x5srwAbX%2BG2SpguAOTlcR5dxcDXiCPCHJDkFOCXBDkGUE%2BKA64NL4pHnBpLPMuvH%2Fhm8VEZf09eqCyfpQQUD2G5sVeekZerEbkvNB6GdvRab3d9INeM%2FBZy%2Bv5LGCcNVfajHdcr0WjzjKDEQWEuTTreiRKcuX8E6SiJP%2F7IwWjRzDyCKFYALUeaF6AbhUYJQ%2BziMbKNIY7I3BVIM1qyHacPXlGrsxW1L3qIAqPr2ej3288XvwUoS6Q6gIfi6cEfXlvclvlZP%2B2yg35cTPNRCxGtFrfnYxm0eWHb0c7udJ8Y82Mv3sjrIgqfPReZLIuTbhI%2BoZ8vyo4j%2FS60mFEftowH0TsljVbq1YnNu3eenN9I051ZIxQyRRUlKR2vINQlOT5Z5%2FNfuZVex9CT6FtgdgekwuDUEcI012YdJ4zikDLOWbpZeS2mGifzZNSEMhojikrYP6F2TyeaFq9pqLYM%2FfQ1zXQ7C6SuMBAFxjIAlSOYez%2FJ1mqj6%2F%2F%2BnVl34DJ2oRJXdtnUsuvStJN7lezJrOBV9clGFFtvenSoLPstds0arOWv9ILPE6p3wr8IKBNZKbsvSS%2F%2FQsAAP%2F%2FAQAA%2F%2F%2BJ2%2FbifQQAAA%3D%3D HTTP/1.1
Host: stuffintolerableillicit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: u_pl=17773605; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec7326f362b41f2b6bdb387bd9014ae95b=[4991488,4991489,4991490]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 18:55:24 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9705fc349842e2c6c54e0c309436c717
Strict-Transport-Security: max-age=0; includeSubdomains

momclumsycamouflage.com/watch.648676855806.js?key=ae333e82cfaead9ba22e64954c139352&kw=%5B%22team%22%2C%22os%22%2C%22your%22%2C%22only%22%2C%22destination%22%2C%22to%22%2C%22custom%22%2C%22os%22%5D&refer=https%3A%2F%2Fwww.teamos.xyz%2F&tz=0&dev=e&res=14.2071&uuid=4e1b8767-c089-45ec-a3ca-ef09b8ef2339%3A3%3A1

192.243.59.13

307 Temporary Redirect

0 B

URL GET HTTP/1.1
momclumsycamouflage.com/watch.648676855806.js?key=ae333e82cfaead9ba22e64954c139352&kw=%5B%22team%22%2C%22os%22%2C%22your%22%2C%22only%22%2C%22destination%22%2C%22to%22%2C%22custom%22%2C%22os%22%5D&refer=https%3A%2F%2Fwww.teamos.xyz%2F&tz=0&dev=e&res=14.2071&uuid=4e1b8767-c089-45ec-a3ca-ef09b8ef2339%3A3%3A1
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectmomclumsycamouflage.com
FingerprintDA:A2:42:4F:6F:07:76:BF:C5:1A:CF:A7:D7:6A:07:80:3A:56:9A:7B
ValidityTue, 16 Apr 2024 13:44:46 GMT - Mon, 15 Jul 2024 13:44:45 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.648676855806.js?key=ae333e82cfaead9ba22e64954c139352&kw=%5B%22team%22%2C%22os%22%2C%22your%22%2C%22only%22%2C%22destination%22%2C%22to%22%2C%22custom%22%2C%22os%22%5D&refer=https%3A%2F%2Fwww.teamos.xyz%2F&tz=0&dev=e&res=14.2071&uuid=4e1b8767-c089-45ec-a3ca-ef09b8ef2339%3A3%3A1 HTTP/1.1
Host: momclumsycamouflage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 18 Apr 2024 18:55:24 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.teamos.xyz
Access-Control-Allow-Origin: https://www.teamos.xyz
Access-Control-Allow-Credentials: true
Location: https://momclumsycamouflage.com/watch.648676855806.js?dev=e&key=ae333e82cfaead9ba22e64954c139352&kw=%5B%22team%22%2C%22os%22%2C%22your%22%2C%22only%22%2C%22destination%22%2C%22to%22%2C%22custom%22%2C%22os%22%5D&pst=1713466584&refer=https%3A%2F%2Fwww.teamos.xyz%2F&res=14.2071&rmtc=t&shu=06397b8348d01fb7975068c9a00b8f786e69e6a2e594171dd40086db19b61025171aeceb5cd51e2c40ec39faeac811cce7ffa4fc533ac4fd35e24b01406320c988ef669c52d53000dff05cd1550f72785cb2087ef28025c3eb5159c77f3d1f&tz=0&uuid=4e1b8767-c089-45ec-a3ca-ef09b8ef2339%3A3%3A1
Set-Cookie: u_pl=17155452; expires=Fri, 19 Apr 2024 18:55:24 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzE1NTQ1MiwiayI6ImFlMzMzZTgyY2ZhZWFkOWJhMjJlNjQ5NTRjMTM5MzUyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODMyNTYxLCJwaWQiOjM4NzE4NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOCwiYWlkIjoyMywicHQiOjQsInBrIjoiYXM3MnhuaXRqIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnRlYW1vcy54eXovIiwiYXIiOltdfX0.vK4tJsWTw5CV2VlEaDdK8WeL0wD9fKt6UhZ2fr9PJ1M; expires=Thu, 18 Apr 2024 18:56:24 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 136a2408bfcbc5a7070b3fd603a5bbc2
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.cloudimagesb.com/si/62/f3/af/62f3afd73bea7438e3cb091f669622ff/1710839646.png

45.133.44.9

200 OK

120 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/62/f3/af/62f3afd73bea7438e3cb091f669622ff/1710839646.png
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced
Size
120 kB (119965 bytes)
Hash
c5a83c3079df6439410f74f3e8de6930
66dab231922cc92db7c41f49d7bdb7da1dfde08a
ee0745b5678c7e4277047ba8f87d53ee77e60a4985dace65c73b970521dbf1f8

HTTP Headers

GET /si/62/f3/af/62f3afd73bea7438e3cb091f669622ff/1710839646.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 18:55:24 GMT
content-type: image/png
content-length: 119965
server: nginx/1.21.6
last-modified: Tue, 19 Mar 2024 09:14:15 GMT
etag: "65f95767-1d49d"
expires: Sat, 20 Apr 2024 18:55:24 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/si/86/3f/08/863f08d585223246ad7d12f9b6d24043/1710839668.png

45.133.44.9

200 OK

105 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/86/3f/08/863f08d585223246ad7d12f9b6d24043/1710839668.png
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced
Size
105 kB (104949 bytes)
Hash
440d0ebcc9ae01aba77f74d9015ff0b3
9065b873ac93b45da1765682071eaaf6efe12e5c
7834596c29b94d74435163b3875c5042082912c1aff529986b0235cd9b7b27cc

HTTP Headers

GET /si/86/3f/08/863f08d585223246ad7d12f9b6d24043/1710839668.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 18:55:24 GMT
content-type: image/png
content-length: 104949
server: nginx/1.21.6
last-modified: Tue, 19 Mar 2024 09:14:37 GMT
etag: "65f9577d-199f5"
expires: Sat, 20 Apr 2024 18:55:24 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/si/df/e4/cd/dfe4cd324c2c05ad9bd4f1bcb4d0a97d/1707940211.png

45.133.44.9

200 OK

184 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/df/e4/cd/dfe4cd324c2c05ad9bd4f1bcb4d0a97d/1707940211.png
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced
Size
184 kB (183812 bytes)
Hash
adc709f858c8b4ff4ce26a2757b75131
c91b170aba4aafdca5690d29e17f61b6505e15c1
ad475e95022da6d65aec3479ad3b4ff6d36dc85bbc634d750cdd575ea1a985ce

HTTP Headers

GET /si/df/e4/cd/dfe4cd324c2c05ad9bd4f1bcb4d0a97d/1707940211.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 18:55:24 GMT
content-type: image/png
content-length: 183812
server: nginx/1.21.6
last-modified: Wed, 14 Feb 2024 19:50:20 GMT
etag: "65cd197c-2ce04"
expires: Sat, 20 Apr 2024 18:55:24 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

momclumsycamouflage.com/watch.648676855806.js?dev=e&key=ae333e82cfaead9ba22e64954c139352&kw=%5B%22team%22%2C%22os%22%2C%22your%22%2C%22only%22%2C%22destination%22%2C%22to%22%2C%22custom%22%2C%22os%22%5D&pst=1713466584&refer=https%3A%2F%2Fwww.teamos.xyz%2F&res=14.2071&rmtc=t&shu=06397b8348d01fb7975068c9a00b8f786e69e6a2e594171dd40086db19b61025171aeceb5cd51e2c40ec39faeac811cce7ffa4fc533ac4fd35e24b01406320c988ef669c52d53000dff05cd1550f72785cb2087ef28025c3eb5159c77f3d1f&tz=0&uuid=4e1b8767-c089-45ec-a3ca-ef09b8ef2339%3A3%3A1

192.243.59.13

200 OK

2.0 kB

URL GET HTTP/1.1
momclumsycamouflage.com/watch.648676855806.js?dev=e&key=ae333e82cfaead9ba22e64954c139352&kw=%5B%22team%22%2C%22os%22%2C%22your%22%2C%22only%22%2C%22destination%22%2C%22to%22%2C%22custom%22%2C%22os%22%5D&pst=1713466584&refer=https%3A%2F%2Fwww.teamos.xyz%2F&res=14.2071&rmtc=t&shu=06397b8348d01fb7975068c9a00b8f786e69e6a2e594171dd40086db19b61025171aeceb5cd51e2c40ec39faeac811cce7ffa4fc533ac4fd35e24b01406320c988ef669c52d53000dff05cd1550f72785cb2087ef28025c3eb5159c77f3d1f&tz=0&uuid=4e1b8767-c089-45ec-a3ca-ef09b8ef2339%3A3%3A1
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectmomclumsycamouflage.com
FingerprintDA:A2:42:4F:6F:07:76:BF:C5:1A:CF:A7:D7:6A:07:80:3A:56:9A:7B
ValidityTue, 16 Apr 2024 13:44:46 GMT - Mon, 15 Jul 2024 13:44:45 GMT

File type
JavaScript source, ASCII text, with very long lines (2435)
Size
2.0 kB (1976 bytes)
Hash
92dc957f21de087f2c300a1822c1e64c
ef771eb6eabac98c78ef770adb82f494a0201e3c
f54ddb268dba9a769ae42c1a54c8d6d322bee78508703f9e1a81db88148a0331

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.648676855806.js?dev=e&key=ae333e82cfaead9ba22e64954c139352&kw=%5B%22team%22%2C%22os%22%2C%22your%22%2C%22only%22%2C%22destination%22%2C%22to%22%2C%22custom%22%2C%22os%22%5D&pst=1713466584&refer=https%3A%2F%2Fwww.teamos.xyz%2F&res=14.2071&rmtc=t&shu=06397b8348d01fb7975068c9a00b8f786e69e6a2e594171dd40086db19b61025171aeceb5cd51e2c40ec39faeac811cce7ffa4fc533ac4fd35e24b01406320c988ef669c52d53000dff05cd1550f72785cb2087ef28025c3eb5159c77f3d1f&tz=0&uuid=4e1b8767-c089-45ec-a3ca-ef09b8ef2339%3A3%3A1 HTTP/1.1
Host: momclumsycamouflage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.teamos.xyz
Referer: https://www.teamos.xyz/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17155452; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzE1NTQ1MiwiayI6ImFlMzMzZTgyY2ZhZWFkOWJhMjJlNjQ5NTRjMTM5MzUyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODMyNTYxLCJwaWQiOjM4NzE4NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOCwiYWlkIjoyMywicHQiOjQsInBrIjoiYXM3MnhuaXRqIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnRlYW1vcy54eXovIiwiYXIiOltdfX0.vK4tJsWTw5CV2VlEaDdK8WeL0wD9fKt6UhZ2fr9PJ1M
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 18 Apr 2024 18:55:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.teamos.xyz
Access-Control-Allow-Origin: https://www.teamos.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=4e1b8767-c089-45ec-a3ca-ef09b8ef2339:3:1; expires=Thu, 25 Apr 2024 18:55:24 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 19 Apr 2024 18:55:24 GMT; secure; SameSite=None
uncs=1; expires=Fri, 19 Apr 2024 18:55:24 GMT; secure; SameSite=None
pdhtkv23=true; expires=Fri, 19 Apr 2024 18:55:24 GMT; secure; SameSite=None
uncs23=1; expires=Fri, 19 Apr 2024 18:55:24 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a704acc18e6086725715ee635826e0b3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

stuffintolerableillicit.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSujuNFQXHJbS%2FjQdBFJt09k56Me1iMMUtw3Ky7it6kqqtnUqa6q63qmp6MIMEF2YPCCF4UD51vkg2uy6J%2FgItMFkQCQvqWwwa8eRdylh6Dow%2Fq%2FajvFXzvffX5nj0jPiw9XXtbjYSUdGm54dZf%2FsDzrta7IrHD%2BnAl%2BDBoXa3rwWudoOG%2BUr8ehdtqyXc91%2FVcr74udNRTw6UKhEgfdLxGx220%2FIa33MJQ%2F7821oGhDvjgjFyC4GXtsbMIEU6RxD%2BuRWY7U%2Bmrb8ZW0kxpDPjhe8l2ovIE8TztaQe95PCiG8qcrD%2BCSg5mdKEG%2FzYyURLn10dgyeEFSbDB%2Fownk4gSMP4s8sEUkZxC0ClCdQeCnxAg5LixiSS%2Bd0PpnO78g9IKLUnt%2FC%2BIvCS1J4tI4oerUgzrt5W0mVCJwbBXQAynEP0pUnuEbLQAkR8hzD6D4L%2BTpfMuknh%2F00gFwYvZ7EJMIXpTyGgMahzY6ggHtufApg5ifloPPc9ruzyk7konDJu8HbGAux5t9zzqucEKbFjRGyNLxwjlGKHeRap3sS2%2BOlm%2BBG1%2FgdkqYLgDk5XEeWcXA14gjwhyQ5BTglwQ5BlBPigOuDS%2BKe5xaSzzLqJ%2FEZvFRGX9PXqgsn6UEFA9hubFXnpGXqhW5Dzfegnb0Wm93fSDXjPwWcvr%2BSxgnDVX2ox3XK9Fo84ygxEFhFmYTT0SJbl8%2FjFSUZKn%2F0zB6BGMPEIoLoFaDzQvQLcKjJL7WURjZRrDnRG4KpBmNWQ7zp48I5dnEnWvEETh8bVs9Mf1h4ufINQFUl3gI%2FGYoC%2FvTm6pnOzfUrkhP22mmYjFiFby3c5oFj11%2F61oJ1eab6yZ8fevhxVQpQ%2FejUzWpQkXSd%2BQH1YF55FeVzqMyM8b5v2I3bRma9XqxKbdm2%2Bsb8SpjowRKpmCipLUjncQipI89%2BTT2c%2B8Yr%2BA0FNoWyC2x%2BTCINQRwnQXJp3zN4pAy3kPSxeQ22KifTa%2FlIJARvOasgLmPzWb5xNNq9dUFHvmLvq6BprdQRIXGOgCA1mAyjGMfWaSpfr42m%2FfVPYtmKxNmNS1fSa1%2FLok3eTL2a4r51RuAUZUqjddGnSWvXabRm3W8ld6gccp9VuBHwS0icyUvRfld38DAAD%2F%2FwEAAP%2F%2FRe5koH0EAAA%3D

192.243.59.20

200 OK

7 B

URL GET HTTP/1.1
stuffintolerableillicit.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSujuNFQXHJbS%2FjQdBFJt09k56Me1iMMUtw3Ky7it6kqqtnUqa6q63qmp6MIMEF2YPCCF4UD51vkg2uy6J%2FgItMFkQCQvqWwwa8eRdylh6Dow%2Fq%2FajvFXzvffX5nj0jPiw9XXtbjYSUdGm54dZf%2FsDzrta7IrHD%2BnAl%2BDBoXa3rwWudoOG%2BUr8ehdtqyXc91%2FVcr74udNRTw6UKhEgfdLxGx220%2FIa33MJQ%2F7821oGhDvjgjFyC4GXtsbMIEU6RxD%2BuRWY7U%2Bmrb8ZW0kxpDPjhe8l2ovIE8TztaQe95PCiG8qcrD%2BCSg5mdKEG%2FzYyURLn10dgyeEFSbDB%2Fownk4gSMP4s8sEUkZxC0ClCdQeCnxAg5LixiSS%2Bd0PpnO78g9IKLUnt%2FC%2BIvCS1J4tI4oerUgzrt5W0mVCJwbBXQAynEP0pUnuEbLQAkR8hzD6D4L%2BTpfMuknh%2F00gFwYvZ7EJMIXpTyGgMahzY6ggHtufApg5ifloPPc9ruzyk7konDJu8HbGAux5t9zzqucEKbFjRGyNLxwjlGKHeRap3sS2%2BOlm%2BBG1%2FgdkqYLgDk5XEeWcXA14gjwhyQ5BTglwQ5BlBPigOuDS%2BKe5xaSzzLqJ%2FEZvFRGX9PXqgsn6UEFA9hubFXnpGXqhW5Dzfegnb0Wm93fSDXjPwWcvr%2BSxgnDVX2ox3XK9Fo84ygxEFhFmYTT0SJbl8%2FjFSUZKn%2F0zB6BGMPEIoLoFaDzQvQLcKjJL7WURjZRrDnRG4KpBmNWQ7zp48I5dnEnWvEETh8bVs9Mf1h4ufINQFUl3gI%2FGYoC%2FvTm6pnOzfUrkhP22mmYjFiFby3c5oFj11%2F61oJ1eab6yZ8fevhxVQpQ%2FejUzWpQkXSd%2BQH1YF55FeVzqMyM8b5v2I3bRma9XqxKbdm2%2Bsb8SpjowRKpmCipLUjncQipI89%2BTT2c%2B8Yr%2BA0FNoWyC2x%2BTCINQRwnQXJp3zN4pAy3kPSxeQ22KifTa%2FlIJARvOasgLmPzWb5xNNq9dUFHvmLvq6BprdQRIXGOgCA1mAyjGMfWaSpfr42m%2FfVPYtmKxNmNS1fSa1%2FLok3eTL2a4r51RuAUZUqjddGnSWvXabRm3W8ld6gccp9VuBHwS0icyUvRfld38DAAD%2F%2FwEAAP%2F%2FRe5koH0EAAA%3D
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectstuffintolerableillicit.com
FingerprintC9:2F:D9:D1:16:5D:26:11:12:28:33:9A:A1:46:8B:68:D2:38:4A:9A
ValidityTue, 16 Apr 2024 09:55:22 GMT - Mon, 15 Jul 2024 09:55:21 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSujuNFQXHJbS%2FjQdBFJt09k56Me1iMMUtw3Ky7it6kqqtnUqa6q63qmp6MIMEF2YPCCF4UD51vkg2uy6J%2FgItMFkQCQvqWwwa8eRdylh6Dow%2Fq%2FajvFXzvffX5nj0jPiw9XXtbjYSUdGm54dZf%2FsDzrta7IrHD%2BnAl%2BDBoXa3rwWudoOG%2BUr8ehdtqyXc91%2FVcr74udNRTw6UKhEgfdLxGx220%2FIa33MJQ%2F7821oGhDvjgjFyC4GXtsbMIEU6RxD%2BuRWY7U%2Bmrb8ZW0kxpDPjhe8l2ovIE8TztaQe95PCiG8qcrD%2BCSg5mdKEG%2FzYyURLn10dgyeEFSbDB%2Fownk4gSMP4s8sEUkZxC0ClCdQeCnxAg5LixiSS%2Bd0PpnO78g9IKLUnt%2FC%2BIvCS1J4tI4oerUgzrt5W0mVCJwbBXQAynEP0pUnuEbLQAkR8hzD6D4L%2BTpfMuknh%2F00gFwYvZ7EJMIXpTyGgMahzY6ggHtufApg5ifloPPc9ruzyk7konDJu8HbGAux5t9zzqucEKbFjRGyNLxwjlGKHeRap3sS2%2BOlm%2BBG1%2FgdkqYLgDk5XEeWcXA14gjwhyQ5BTglwQ5BlBPigOuDS%2BKe5xaSzzLqJ%2FEZvFRGX9PXqgsn6UEFA9hubFXnpGXqhW5Dzfegnb0Wm93fSDXjPwWcvr%2BSxgnDVX2ox3XK9Fo84ygxEFhFmYTT0SJbl8%2FjFSUZKn%2F0zB6BGMPEIoLoFaDzQvQLcKjJL7WURjZRrDnRG4KpBmNWQ7zp48I5dnEnWvEETh8bVs9Mf1h4ufINQFUl3gI%2FGYoC%2FvTm6pnOzfUrkhP22mmYjFiFby3c5oFj11%2F61oJ1eab6yZ8fevhxVQpQ%2FejUzWpQkXSd%2BQH1YF55FeVzqMyM8b5v2I3bRma9XqxKbdm2%2Bsb8SpjowRKpmCipLUjncQipI89%2BTT2c%2B8Yr%2BA0FNoWyC2x%2BTCINQRwnQXJp3zN4pAy3kPSxeQ22KifTa%2FlIJARvOasgLmPzWb5xNNq9dUFHvmLvq6BprdQRIXGOgCA1mAyjGMfWaSpfr42m%2FfVPYtmKxNmNS1fSa1%2FLok3eTL2a4r51RuAUZUqjddGnSWvXabRm3W8ld6gccp9VuBHwS0icyUvRfld38DAAD%2F%2FwEAAP%2F%2FRe5koH0EAAA%3D HTTP/1.1
Host: stuffintolerableillicit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: u_pl=17773605; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec7326f362b41f2b6bdb387bd9014ae95b=[4991488,4991489,4991490]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 18 Apr 2024 18:55:24 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7b825f5ce5909203d642910ae42d143b
Strict-Transport-Security: max-age=0; includeSubdomains

stuffintolerableillicit.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwWskxReu3t%2F8LgqKIbe9jAdBF5l090x6Mu5hMcYswXGz7ip6k6qunkmZ6q62qmt6MoIEF2QvygheFA%2Bdb5INrsuif4CLTBZEAkL6lsMGvHkXcpaeDY4%2B6H7v1fcKvvd99fmePSM%2BLD1de1uNhJR0abnh1l%2F%2BwPOu1rsiscP6cCX4MGhdrevBa52g4b5Svx6F22rJdz3X9Vyvvi501FPDpQqESB90vEbHbbT8hrfcwlD%2FtzfWgaEO%2BOCMLEDwsvbYWYQIp0jiH9cis52p9NU3YytppjQG%2FPC9ZDtReYJ4Xva0g15yeDENZU7WH0ElBzO6UIN%2FBpkoifPrI7Dk8IIk2GB%2FxpNJRAkYfxb5YIpITiHoFKG6A8FPCBBy3NhEEt%2B7oXROd56itEJLUjv%2FCyIvSe3JIpL44aoUw%2FptJW0mVGIw7BUQwylEf4rUHiEbXYLIjxBmn0Hw38nSeRdJvL9ppILgxWx3IaYQvSlkNAY1Dmz1CQe258CmDmJ%2BWg89z2u7PKTuSicMm7wdsYC7Hm33POq5wQpsWNEbI0vHCOUYod5FqnexLb46WV6Atr%2FAbBUw3IHJSuK8s4sBL5BHBLkhyClBLgjyjCAfFAdcGt8U97g0lnkX2b%2FIzWKisv4ePVBZP0oIqB5D82IvPSMvVBI5z7dewnZ0Wm83%2FaDXDHzW8no%2BCxhnzZU24x3Xa9Gos8xgRAFhLs22HomSXD7%2FGKkoyf%2F%2FTMHoEYw8QigWQK0HmhegWwVGyf0sorEyjeHOCFwVSLMash1nT56RyzOLulcuIQqPr2WjP64%2FXPwEoS6Q6gIficcEfXl3ckvlZP%2BWyg35aTPNRCxGtLLvdkaz6H%2F334p2cqX5xpoZf%2F96WAFV%2BeDdyGRdmnCR9A35YVVwHul1pcOI%2FLxh3o%2FYTWu2Vq1ObNq9%2Bcb6RpzqyBihkimoKEnteAehKMlzTz6dvcwr9ksIPYW2BWJ7TC4CQh0hTHdh0jl%2Fowi0nM%2BwtIbcFhPts%2FmhFAQymveUFTD%2F6tm8nmha3aai2DN30dc10OwOkrjAQBcYyAJUjmHsM5Ms1cfXfvumim%2FBZG3CpK7tM6nl1yXpJl9UWpPq5zxV3YjK9aZLg86y127TqM1a%2Fkov8Dilfivwg4A2kZmy96L87m8AAAD%2F%2FwEAAP%2F%2FQ9%2FB%2Bn0EAAA%3D

192.243.59.20

200 OK

7 B

URL GET HTTP/1.1
stuffintolerableillicit.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwWskxReu3t%2F8LgqKIbe9jAdBF5l090x6Mu5hMcYswXGz7ip6k6qunkmZ6q62qmt6MoIEF2QvygheFA%2Bdb5INrsuif4CLTBZEAkL6lsMGvHkXcpaeDY4%2B6H7v1fcKvvd99fmePSM%2BLD1de1uNhJR0abnh1l%2F%2BwPOu1rsiscP6cCX4MGhdrevBa52g4b5Svx6F22rJdz3X9Vyvvi501FPDpQqESB90vEbHbbT8hrfcwlD%2FtzfWgaEO%2BOCMLEDwsvbYWYQIp0jiH9cis52p9NU3YytppjQG%2FPC9ZDtReYJ4Xva0g15yeDENZU7WH0ElBzO6UIN%2FBpkoifPrI7Dk8IIk2GB%2FxpNJRAkYfxb5YIpITiHoFKG6A8FPCBBy3NhEEt%2B7oXROd56itEJLUjv%2FCyIvSe3JIpL44aoUw%2FptJW0mVGIw7BUQwylEf4rUHiEbXYLIjxBmn0Hw38nSeRdJvL9ppILgxWx3IaYQvSlkNAY1Dmz1CQe258CmDmJ%2BWg89z2u7PKTuSicMm7wdsYC7Hm33POq5wQpsWNEbI0vHCOUYod5FqnexLb46WV6Atr%2FAbBUw3IHJSuK8s4sBL5BHBLkhyClBLgjyjCAfFAdcGt8U97g0lnkX2b%2FIzWKisv4ePVBZP0oIqB5D82IvPSMvVBI5z7dewnZ0Wm83%2FaDXDHzW8no%2BCxhnzZU24x3Xa9Gos8xgRAFhLs22HomSXD7%2FGKkoyf%2F%2FTMHoEYw8QigWQK0HmhegWwVGyf0sorEyjeHOCFwVSLMash1nT56RyzOLulcuIQqPr2WjP64%2FXPwEoS6Q6gIficcEfXl3ckvlZP%2BWyg35aTPNRCxGtLLvdkaz6H%2F334p2cqX5xpoZf%2F96WAFV%2BeDdyGRdmnCR9A35YVVwHul1pcOI%2FLxh3o%2FYTWu2Vq1ObNq9%2Bcb6RpzqyBihkimoKEnteAehKMlzTz6dvcwr9ksIPYW2BWJ7TC4CQh0hTHdh0jl%2Fowi0nM%2BwtIbcFhPts%2FmhFAQymveUFTD%2F6tm8nmha3aai2DN30dc10OwOkrjAQBcYyAJUjmHsM5Ms1cfXfvumim%2FBZG3CpK7tM6nl1yXpJl9UWpPq5zxV3YjK9aZLg86y127TqM1a%2Fkov8Dilfivwg4A2kZmy96L87m8AAAD%2F%2FwEAAP%2F%2FQ9%2FB%2Bn0EAAA%3D
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectstuffintolerableillicit.com
FingerprintC9:2F:D9:D1:16:5D:26:11:12:28:33:9A:A1:46:8B:68:D2:38:4A:9A
ValidityTue, 16 Apr 2024 09:55:22 GMT - Mon, 15 Jul 2024 09:55:21 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSwWskxReu3t%2F8LgqKIbe9jAdBF5l090x6Mu5hMcYswXGz7ip6k6qunkmZ6q62qmt6MoIEF2QvygheFA%2Bdb5INrsuif4CLTBZEAkL6lsMGvHkXcpaeDY4%2B6H7v1fcKvvd99fmePSM%2BLD1de1uNhJR0abnh1l%2F%2BwPOu1rsiscP6cCX4MGhdrevBa52g4b5Svx6F22rJdz3X9Vyvvi501FPDpQqESB90vEbHbbT8hrfcwlD%2FtzfWgaEO%2BOCMLEDwsvbYWYQIp0jiH9cis52p9NU3YytppjQG%2FPC9ZDtReYJ4Xva0g15yeDENZU7WH0ElBzO6UIN%2FBpkoifPrI7Dk8IIk2GB%2FxpNJRAkYfxb5YIpITiHoFKG6A8FPCBBy3NhEEt%2B7oXROd56itEJLUjv%2FCyIvSe3JIpL44aoUw%2FptJW0mVGIw7BUQwylEf4rUHiEbXYLIjxBmn0Hw38nSeRdJvL9ppILgxWx3IaYQvSlkNAY1Dmz1CQe258CmDmJ%2BWg89z2u7PKTuSicMm7wdsYC7Hm33POq5wQpsWNEbI0vHCOUYod5FqnexLb46WV6Atr%2FAbBUw3IHJSuK8s4sBL5BHBLkhyClBLgjyjCAfFAdcGt8U97g0lnkX2b%2FIzWKisv4ePVBZP0oIqB5D82IvPSMvVBI5z7dewnZ0Wm83%2FaDXDHzW8no%2BCxhnzZU24x3Xa9Gos8xgRAFhLs22HomSXD7%2FGKkoyf%2F%2FTMHoEYw8QigWQK0HmhegWwVGyf0sorEyjeHOCFwVSLMash1nT56RyzOLulcuIQqPr2WjP64%2FXPwEoS6Q6gIficcEfXl3ckvlZP%2BWyg35aTPNRCxGtLLvdkaz6H%2F334p2cqX5xpoZf%2F96WAFV%2BeDdyGRdmnCR9A35YVVwHul1pcOI%2FLxh3o%2FYTWu2Vq1ObNq9%2Bcb6RpzqyBihkimoKEnteAehKMlzTz6dvcwr9ksIPYW2BWJ7TC4CQh0hTHdh0jl%2Fowi0nM%2BwtIbcFhPts%2FmhFAQymveUFTD%2F6tm8nmha3aai2DN30dc10OwOkrjAQBcYyAJUjmHsM5Ms1cfXfvumim%2FBZG3CpK7tM6nl1yXpJl9UWpPq5zxV3YjK9aZLg86y127TqM1a%2Fkov8Dilfivwg4A2kZmy96L87m8AAAD%2F%2FwEAAP%2F%2FQ9%2FB%2Bn0EAAA%3D HTTP/1.1
Host: stuffintolerableillicit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: u_pl=17773605; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec7326f362b41f2b6bdb387bd9014ae95b=[4991488,4991489,4991490]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 18 Apr 2024 18:55:24 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f54b3c7e10a3ae5ecc553bd3ce477f7d
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.cloudimagesb.com/cti/19/f2/1c/19f21c1bed9621680fc6d126709d678c/1627917293.png

45.133.44.9

200 OK

48 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/19/f2/1c/19f21c1bed9621680fc6d126709d678c/1627917293.png
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 728 x 90, 8-bit/color RGB, non-interlaced
Size
48 kB (48540 bytes)
Hash
407f211e032589d74fc4efbb9850dc01
aca22f4084875231eeb11c4fbb7578f6158c1613
3c840c1741fd2d23992a213bcfedd3da37a7fa73b3ac47c2607df77d49db93b8

HTTP Headers

GET /cti/19/f2/1c/19f21c1bed9621680fc6d126709d678c/1627917293.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 18 Apr 2024 18:55:24 GMT
content-type: image/png
content-length: 48540
server: nginx/1.21.6
last-modified: Mon, 02 Aug 2021 15:15:00 GMT
etag: "61080bf4-bd9c"
expires: Sat, 20 Apr 2024 18:55:24 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

www.teamos.xyz/data/assets/logo/TeamOS.png

172.67.143.25

200 OK

21 kB

URL GET HTTP/3
www.teamos.xyz/data/assets/logo/TeamOS.png
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
21 kB (20927 bytes)
Hash
86270c1741a9db8f95b7d6fdef2c62b4
17a3a90ec7e9d33dd84a77509446bf64d73d2e9e
83c1feff94030b6ddf0e2105ef24f444520c4e0fe3a0e6bf618eced3d2725bd2

HTTP Headers

GET /data/assets/logo/TeamOS.png HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=LGNiOjfiqNgnReRN; xf_session=OGefBrY133eJxitSRpvZIOmaNY3lLUSw; dom3ic8zudi28v8lr6fgphwffqoz0j6c=4e1b8767-c089-45ec-a3ca-ef09b8ef2339%3A3%3A1; _ga_ZMK4J7B2XT=GS1.1.1713466523.1.0.1713466523.0.0.0; _ga=GA1.1.1154666559.1713466524; m5a4xojbcp2nx3gptmm633qal3gzmadn=stuffintolerableillicit.com; pp_main_a1e8916f3df739635783bc00fa07bfe6=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 18:55:24 GMT
content-type: image/png
content-length: 20927
last-modified: Fri, 14 May 2021 15:05:04 GMT
etag: "609e91a0-51bf"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2682
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VVUPxYqSUZvG5INj%2BP%2Fxe2Lbzi2py9H9pW3rGYT5qnLewgyoU9Zjotsb51MJVl5SKac9C8PMX4uLZHuErabhRYXu05RdIIan1hY6h2872p%2FCp3warMN8k4PJZn%2BO3rz9xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766de74885356b7-OSL
alt-svc: h3=":443"; ma=86400

secure.gravatar.com/avatar/847e8f32748307eb83936d65dcd58523?s=48

192.0.73.2

200 OK

2.0 kB

URL GET HTTP/2
secure.gravatar.com/avatar/847e8f32748307eb83936d65dcd58523?s=48
IP
192.0.73.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://www.teamos.xyz/
Certificate
IssuerSectigo Limited
Subject*.gravatar.com
Fingerprint28:34:17:4E:69:95:4B:B9:70:DF:D4:0F:AA:2C:8D:60:F2:45:E7:D0
ValidityTue, 05 Dec 2023 00:00:00 GMT - Sat, 04 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 48x48, components 3
Size
2.0 kB (1978 bytes)
Hash
85126f65e11ccf3d506cae02797ac9a3
8913489d899afa683043212fd369a8da7ff37772
a773483cd9e42bbd8e4af8d5e548f44e4bdb875cf718db022c34c4ff2d0f407e

HTTP Headers

GET /avatar/847e8f32748307eb83936d65dcd58523?s=48 HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 18:55:24 GMT
content-type: image/jpeg
content-length: 1978
last-modified: Fri, 08 Mar 2013 11:46:09 GMT
link: <https://gravatar.com/avatar/847e8f32748307eb83936d65dcd58523?s=48>; rel="canonical"
content-disposition: inline; filename="847e8f32748307eb83936d65dcd58523.jpeg"
access-control-allow-origin: *
expires: Thu, 18 Apr 2024 19:00:24 GMT
cache-control: max-age=300
x-nc: HIT arn 4
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes
X-Firefox-Spdy: h2

www.teamos.xyz/cdn-cgi/rum?

172.67.143.25

204 No Content

0 B

URL POST HTTP/3
www.teamos.xyz/cdn-cgi/rum?
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 454
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=LGNiOjfiqNgnReRN; xf_session=OGefBrY133eJxitSRpvZIOmaNY3lLUSw; dom3ic8zudi28v8lr6fgphwffqoz0j6c=4e1b8767-c089-45ec-a3ca-ef09b8ef2339%3A3%3A1; _ga_ZMK4J7B2XT=GS1.1.1713466523.1.0.1713466523.0.0.0; _ga=GA1.1.1154666559.1713466524; pp_main_a1e8916f3df739635783bc00fa07bfe6=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 204 No Content
date: Thu, 18 Apr 2024 18:55:46 GMT
access-control-allow-origin: https://www.teamos.xyz
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 8766defe6b8256b7-OSL
x-frame-options: DENY
x-content-type-options: nosniff

www.teamos.xyz/

172.67.143.25

200 OK

174 kB

URL User Request GET HTTP/3
www.teamos.xyz/
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type

Size
174 kB (173472 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 18:55:22 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 18 Apr 2024 18:55:22 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: private, no-cache, max-age=0
vary: Accept-Encoding
set-cookie: xf_csrf=LGNiOjfiqNgnReRN; path=/; secure
xf_session=OGefBrY133eJxitSRpvZIOmaNY3lLUSw; path=/; secure; HttpOnly
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
priority: u=1,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ja7D88Sxnwlvjh83yKKCv8RU66SWa3wwWH2nYjmpqTW6LHqa0FGrFS7oBaR%2BjM%2F6EuHEeWmAxJanMmzuXKJ6IRG7gy1Qv41lhQJE8O5jyU23%2BwHPQ3K2bULB1B%2BKlzOvAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8766de65bfdf56b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/favicon.ico

172.67.143.25

200 OK

180 kB

URL GET HTTP/3
www.teamos.xyz/favicon.ico
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
MS Windows icon resource - 9 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel
Size
180 kB (180396 bytes)
Hash
6d9396dc55f2e528b53aa081b562f91f
aba25e72d54c60252f233a4bcf2c5773a11e6359
f2678bc111d1e4768f668ea1d1d8bc086371b13f66688831fb7e5706f7d29638

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=LGNiOjfiqNgnReRN; xf_session=OGefBrY133eJxitSRpvZIOmaNY3lLUSw; dom3ic8zudi28v8lr6fgphwffqoz0j6c=4e1b8767-c089-45ec-a3ca-ef09b8ef2339%3A3%3A1; _ga_ZMK4J7B2XT=GS1.1.1713466523.1.0.1713466523.0.0.0; _ga=GA1.1.1154666559.1713466524; m5a4xojbcp2nx3gptmm633qal3gzmadn=stuffintolerableillicit.com; pp_main_a1e8916f3df739635783bc00fa07bfe6=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 18:55:24 GMT
content-type: image/x-icon
last-modified: Sun, 05 May 2019 15:07:05 GMT
vary: Accept-Encoding
etag: W/"5ccefc19-2c0ac"
expires: Mon, 22 Apr 2024 02:40:16 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 2198578
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yT4Cg8epVZwa8VL%2B1hbnrbpL%2BtXdOSHh90iAGPXfRQCZRK9kEUB5hPJfiRU%2BZ2Qr65M8tzkvfsdXEnwvlwVmuKuhKtsvdLJA6lvwvw3HUXkiTJiWpD4UYreZECAPL%2BA1gw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8766de74885556b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793

104.16.80.73

200 OK

19 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793
IP
104.16.80.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectcloudflareinsights.com
Fingerprint73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00
ValiditySun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT

File type
JavaScript source, ASCII text, with very long lines (19261), with no line terminators
Size
19 kB (19261 bytes)
Hash
3be93fd15d2f7dee2fc0c8981c6fa5c6
8cd88c36fad3e96641dbc4d781f5ddbe5123312f
17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee

HTTP Headers

GET /beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 18:55:23 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.4.0"
last-modified: Mon, 15 Apr 2024 22:09:58 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766de690e010b69-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

downstairsnegotiatebarren.com/sfp.js

172.67.180.87

200 OK

86 kB

URL GET HTTP/2
downstairsnegotiatebarren.com/sfp.js
IP
172.67.180.87:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44
ValidityMon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT

File type

Size
86 kB (85611 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 18:55:24 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 648754b0dd303e91488a19c45c93e4d7
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 18 Apr 2024 18:55:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hZok9YAeSubkFG%2FGxz%2FrPSerM28fQN0wVvP%2BJTYLKLMdHpX3imRcfI4uqXve9venmaLv0fwwyBtOO%2Fvf5FIcC5Wo98H0UJzhXRmM24yhNUn%2B3VaYylX%2Fb%2FPcXz1EQfEx6HBEpfbCf4gHTy6LgcOMyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766de6ea8f156af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.teamos.xyz/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=8&l=1&d=1713088796&k=034405c740f279c15adbbc41dfccb627ca90db04

172.67.143.25

200 OK

397 kB

URL GET HTTP/3
www.teamos.xyz/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=8&l=1&d=1713088796&k=034405c740f279c15adbbc41dfccb627ca90db04
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
ASCII text, with very long lines (63233)
Size
397 kB (396762 bytes)
Hash
ca8b60ddaf8efe6e6e2c8238947a2a20
7efd8f6ce98cf1dbe6f55729d7be5eea309846a4
86d0e326cd98c5c555669c9d8621176c085ca0646bb10479a4a8e1e8244b96e5

HTTP Headers

GET /css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=8&l=1&d=1713088796&k=034405c740f279c15adbbc41dfccb627ca90db04 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=LGNiOjfiqNgnReRN; xf_session=OGefBrY133eJxitSRpvZIOmaNY3lLUSw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 18:55:23 GMT
content-type: text/css; charset=utf-8
x-frame-options: SAMEORIGIN
expires: Fri, 18 Apr 2025 18:55:23 GMT
last-modified: Sun, 14 Apr 2024 09:59:56 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FFudCpdamF8a6eJYpMYcchOXo%2BsEkDDB8qckv9ryL1E5EQTtrg9AyMXSSoIIaKUJIoKTE9ZJSH6VYXnH%2FxDSBbwt53tOd3MroLdLoD%2FKiCDW35PRBF1BImTotSpE%2B1Qmrw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8766de68db5856b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

my.teamos.xyz/0012113ff1b819a74f9aac588554b26b/announce7:comment39:Downloaded

172.67.143.25

302 Found

174 kB

URL User Request GET HTTP/2
my.teamos.xyz/0012113ff1b819a74f9aac588554b26b/announce7:comment39:Downloaded
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type

Size
174 kB (173472 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /0012113ff1b819a74f9aac588554b26b/announce7:comment39:Downloaded HTTP/1.1
Host: my.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 18 Apr 2024 18:55:22 GMT
location: https://teamos.xyz
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XlGunD1TvjKgBosbgMPSp6fOU6LVmaQ%2FHoFX7sa7L33A0gqOG6a%2FL2y%2Fty3RkhRL3NZtKjPqpg4XcWHgRaMRR3r2vmpLFSzjA%2FlNN29uZBe32c8N%2FAmmROJexV6EkWDH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8766de648d20b50b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.teamos.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

172.67.143.25

200 OK

12 kB

URL GET HTTP/3
www.teamos.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
JavaScript source, ASCII text, with very long lines (12331)
Size
12 kB (12332 bytes)
Hash
88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=LGNiOjfiqNgnReRN; xf_session=OGefBrY133eJxitSRpvZIOmaNY3lLUSw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 18:55:23 GMT
content-type: application/javascript
last-modified: Tue, 16 Apr 2024 15:45:04 GMT
etag: W/"661e9d00-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0f6WtwdqKOuqDWCXNRX7jY399Juu75v80F8JufyszJKuaNVU6lzBH317qteMo7RINwRT69N9qCXrJJR02J%2FKZA612hSJdnCKBvQL1S%2BpQszJb143g2VwsuqW1%2B58k%2B9LwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8766de68db6656b7-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 20 Apr 2024 18:55:23 GMT
cache-control: max-age=172800, public
content-encoding: gzip

www.teamos.xyz/js/xf/notice.min.js?_v=099e916e

172.67.143.25

200 OK

3.7 kB

URL GET HTTP/3
www.teamos.xyz/js/xf/notice.min.js?_v=099e916e
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
JavaScript source, ASCII text, with very long lines (3758), with no line terminators
Size
3.7 kB (3662 bytes)
Hash
dfe0222d5d182d0d6a9b43d5a6c7a39e
f0455388d72298f16ca08c8dcf5b85e18d54f659
c9a0822314b301039409542c323db4e053f62525ce8c5aa63c46a9c3a8a46ceb

HTTP Headers

GET /js/xf/notice.min.js?_v=099e916e HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=LGNiOjfiqNgnReRN; xf_session=OGefBrY133eJxitSRpvZIOmaNY3lLUSw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 18:55:23 GMT
content-type: application/javascript
last-modified: Thu, 08 Dec 2022 23:00:00 GMT
vary: Accept-Encoding
etag: W/"63926c70-e4e"
expires: Fri, 19 Apr 2024 08:41:06 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 553401
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OwcI15vERvAOPZ3URJv4Mep54Xu03xB0zhd644huZ8X8%2FAaCyqdHY1tzGAoozZnpsklXX2Y4C4pxtsbl%2BkFwfqFgpn01B5bksze%2Fdqu62UXRMt4MGfrH1L7ISbMQnESj7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8766de6a9d4556b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.99

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 08:04:32 GMT
expires: Wed, 16 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 211851
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

teamos.xyz/

172.67.143.25

301 Moved Permanently

174 kB

URL User Request GET HTTP/2
teamos.xyz/
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type

Size
174 kB (173472 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Thu, 18 Apr 2024 18:55:22 GMT
content-type: text/html
location: https://www.teamos.xyz/
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wKSJlFiedo9abBrTwfAjCVBZ3YHGJu0UuABYQhyQQ5ehyMmzupi6Lx%2FN%2FfUfjrbN8R6Jzxb6dVOBwx1GDheRa0Yw%2FAWg4l76aDd%2FyWZjDj54weLoGQY3ray70NEp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8766de64ed7bb50b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.teamos.xyz/css.php?css=public%3Acxf_top_navigation.less%2Cpublic%3Anode_list.less%2Cpublic%3Anotices.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Awidget_xentorrent_sidebar_tracker_stats.less%2Cpublic%3Aextra.less&s=8&l=1&d=1713088796&k=2b4c77b1bba55e2f6c2b40c9fe2cf79d1b72fe52

172.67.143.25

200 OK

86 kB

URL GET HTTP/3
www.teamos.xyz/css.php?css=public%3Acxf_top_navigation.less%2Cpublic%3Anode_list.less%2Cpublic%3Anotices.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Awidget_xentorrent_sidebar_tracker_stats.less%2Cpublic%3Aextra.less&s=8&l=1&d=1713088796&k=2b4c77b1bba55e2f6c2b40c9fe2cf79d1b72fe52
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
ASCII text, with very long lines (49132)
Size
86 kB (85694 bytes)
Hash
394c418197beab6a31b3281f3342bfac
3af77160350ff52f8d36b47365a118279f412ccb
0573e5c09f0c4164784b44f27da20fe3a50fb04b98ab1fadd5348b82543d0194

HTTP Headers

GET /css.php?css=public%3Acxf_top_navigation.less%2Cpublic%3Anode_list.less%2Cpublic%3Anotices.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Awidget_xentorrent_sidebar_tracker_stats.less%2Cpublic%3Aextra.less&s=8&l=1&d=1713088796&k=2b4c77b1bba55e2f6c2b40c9fe2cf79d1b72fe52 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=LGNiOjfiqNgnReRN; xf_session=OGefBrY133eJxitSRpvZIOmaNY3lLUSw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 18:55:23 GMT
content-type: text/css; charset=utf-8
x-frame-options: SAMEORIGIN
expires: Fri, 18 Apr 2025 18:55:23 GMT
last-modified: Sun, 14 Apr 2024 09:59:56 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wKi6Br%2BQXlFPzYL9KNIECOa%2FO3BCwfO5VKmP8JkgEhcybTg6FiwPxkAr5b1rq0zBkoWKOmZQQ6CvlBRvxCjaCunDyHEdf2GTpYOt4RlHWnOYD2ynVLZ3u9mLgxe4Nw5GfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8766de68db6156b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.99

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 08:04:32 GMT
expires: Wed, 16 Apr 2025 08:04:32 GMT
cache-control: public, max-age=31536000
age: 211851
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations