Report - my.teamos.xyz/00122c7a1952f860fa69cec93a11005c/announce7:comment39:Downloaded

Report Overview

Submitted URL
my.teamos.xyz/00122c7a1952f860fa69cec93a11005c/announce7:comment39:Downloaded
IP
104.21.71.43
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-05 10:26:11
Access
public
Website Title
Team OS : Your Only Destination To Custom OS !!
Final URL
www.teamos.xyz/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
14

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-05-04	431 B	90 kB	142.250.74.170
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04	2024-05-04	411 B	87 kB	188.114.97.1
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12	2024-05-04	2.4 kB	597 kB	45.133.44.10
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24	2024-05-04	492 B	82 kB	104.16.80.73
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-05-04	872 B	842 B	18.185.9.67
teachingwere.com	unknown	unknown	No data	No data	2.5 kB	5.6 kB	192.243.59.13
my.teamos.xyz	unknown	2022-01-12	2022-04-13	2024-03-31	533 B	173 kB	104.21.71.43
www.teamos.xyz	unknown	2022-01-12	2022-04-13	2024-01-11	12 kB	1.1 MB	104.21.71.43
unnecessarydispleasedleak.com	unknown	unknown	No data	No data	7.8 kB	22 kB	172.240.253.132
instrumenttactics.com	unknown	2022-01-23	2022-01-23	2024-03-01	1.3 kB	54 kB	192.243.59.12
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-05	876 B	298 kB	142.250.74.168
teamos.xyz	unknown	2022-01-12	2022-01-13	2023-07-06	467 B	174 kB	104.21.71.43
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-05	436 B	25 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-05	1.6 kB	124 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-05	medium	unnecessarydispleasedleak.com	Sinkholed
2024-05-05	medium	teachingwere.com	Sinkholed
2024-05-05	medium	unnecessarydispleasedleak.com	Sinkholed
2024-05-05	medium	teachingwere.com	Sinkholed
2024-05-05	medium	unnecessarydispleasedleak.com	Sinkholed
2024-05-05	medium	unnecessarydispleasedleak.com	Sinkholed
2024-05-05	medium	unnecessarydispleasedleak.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (26)

	URL	Size	First Seen	Last Seen
	www.teamos.xyz/js/xf/core-compiled.js?_v=1d5fe3a2	214 kB	2023-03-12	2024-05-12
Pretty URL www.teamos.xyz/js/xf/core-compiled.js?_v=1d5fe3a2 IP 104.21.71.43 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 15:31:50 Last Seen2024-05-12 16:49:43 Times Seen627 Hash d0ab265a4f68a45efc52408bd69a7f25 c57033113a290427c17a5cd1c94b1829aac06fed abedeb2dbbfa0642370887c7fd082a1774f4e1f8129a4d9adba2908fe9e8b4d3 Loading...

	unknown	4.9 kB	2024-05-05	2024-05-05
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 12:26:18 Last Seen2024-05-05 12:26:18 Times Seen1 Hash 7b46b40867bffb979d8d6dbcb9dd0758 910fecc98c8c163f1c519ecd197bbed5ba6af920 4abbf1bee23fcdaa7b9ede032ae6d93d3f35f086b0ec2969a832bec9809b88ab Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-18
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-18 16:36:54 Times Seen349814 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387	19 kB	2024-04-24	2024-05-18
Pretty URL static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 IP 104.16.80.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 00:56:41 Last Seen2024-05-18 16:17:34 Times Seen2441 Hash 4c980ee97cb5c001b4d19e2895fa5603 2c6fe998aa7486c4becd74cf253bdd82666a64c3 d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192 Loading...

	www.googletagmanager.com/gtag/js?id=UA-77872044-1	208 kB	2024-05-05	2024-05-05
Pretty URL www.googletagmanager.com/gtag/js?id=UA-77872044-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 12:26:18 Last Seen2024-05-05 12:26:19 Times Seen2 Hash 26dee4df2b1cf705f18f20c8460a833b 347a196d5f8965d7a25a132a774e831ceeb20458 21b8c55cc8b9ddac71e1adf1dcbb2ef6a200516f0c101857146494a97525b4a5 Loading...

	instrumenttactics.com/ae333e82cfaead9ba22e64954c139352/invoke.js	31 kB	2024-05-05	2024-05-05
Pretty URL instrumenttactics.com/ae333e82cfaead9ba22e64954c139352/invoke.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 12:26:18 Last Seen2024-05-05 12:26:19 Times Seen2 Hash 402603fbd65314f99b6cdc09466aa71b f40a87a9baf5c90651a489bfdf6fcfcc0378900a 7ddc567684edb8440fc2d8a14fa8bd172f236c04b95d3cd0cf3976dc159a4e67 Loading...

	www.teamos.xyz/js/xf/preamble.min.js?_v=1d5fe3a2	3.4 kB	2023-03-09	2024-05-14
Pretty URL www.teamos.xyz/js/xf/preamble.min.js?_v=1d5fe3a2 IP 104.21.71.43 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:27:16 Last Seen2024-05-14 03:15:57 Times Seen651 Hash 57c077607d1b4ba5bfeac6740d6e9576 8ce714d869d8f3b46eb3a7c7689920e1a85b0808 c803ce6d437915781a624a97755010f88deffd73bcf1a8e40fe98fc2d0e1ca3d Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-05-18
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-18 16:27:03 Times Seen145295 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	downstairsnegotiatebarren.com/sfp.js	86 kB	2024-03-29	2024-05-17
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 13:13:34 Last Seen2024-05-17 14:49:08 Times Seen3553 Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Loading...

	www.teamos.xyz/sandbox%20eval%20code	147 B	2023-04-11	2024-05-18
Pretty URL www.teamos.xyz/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-18 16:36:54 Times Seen350328 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	unknown	145 B	2023-03-12	2024-05-12
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 15:17:49 Last Seen2024-05-12 16:49:43 Times Seen259 Hash 56345684a4f92ef41f648d4d85464d99 a8c16ba1be3fb3c3dc7eff8358d223fc86cc3bde aa59fc72954112cea004fa466abb1ad524db3fa8321764f9699745769aea8d95 Loading...

	www.teamos.xyz/js/xf/notice.min.js?_v=1d5fe3a2	3.7 kB	2023-03-09	2024-05-12
Pretty URL www.teamos.xyz/js/xf/notice.min.js?_v=1d5fe3a2 IP 104.21.71.43 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:27:16 Last Seen2024-05-12 16:49:43 Times Seen655 Hash b725cc9681612e5c4a6de094bbe33bd9 c2bd0760c401cf86e15fc2b941b14fa7901633e3 a5dcfd1d44af85302c19886c111e277273cca860febaae5f8cdb0de61733b44b Loading...

	unknown	3.3 kB	2024-05-05	2024-05-05
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 12:26:18 Last Seen2024-05-05 12:26:18 Times Seen1 Hash ca5b444c3285f3635ccefa5104980905 25c58351b8a517e4435306afcb34940c205738b7 428774b79a0223e6fe50d903fabdf51854586092ac548dc4f3e9c35d66be23fc Loading...

	www.teamos.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	12 kB	2023-03-07	2024-05-18
Pretty URL www.teamos.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 104.21.71.43 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-18 16:27:01 Times Seen44340 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	instrumenttactics.com/7326f362b41f2b6bdb387bd9014ae95b/invoke.js	27 kB	2024-05-05	2024-05-05
Pretty URL instrumenttactics.com/7326f362b41f2b6bdb387bd9014ae95b/invoke.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 12:26:18 Last Seen2024-05-05 12:26:19 Times Seen2 Hash a6bdf60a74431f4a2f0bdeb2ce878a9b bc29ecdbca7e2cc36d06136c976870fe77d75d79 39edca034a1c7d6255ee20306dd257da68bfeab913065fa0d3b8d95e37ac9a42 Loading...

	unknown	14 kB	2023-03-07	2024-05-12
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:02 Last Seen2024-05-12 16:49:43 Times Seen261 Hash b5bf3196e186c65f858bc7e486cf9cba 917caf23e7cac4ba0613ae06e6bf1b72c0e69c98 bb8411520f5e4a207375f13c7266dbdf5fb56fd58fa695c0d486ddf476346d02 Loading...

	unknown	206 B	2023-03-07	2024-05-12
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:02 Last Seen2024-05-12 16:49:43 Times Seen261 Hash 2700edffedbdaa40ab6a216ae8ced12f 573cb508bb36874954aa08c362370776cf73963c 35725d60531c253a1c499e18c6164aa07bcd1da0fa6e20e193b427e5970d8d09 Loading...

	unknown	710 B	2023-03-07	2024-05-12
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:02 Last Seen2024-05-12 16:49:43 Times Seen261 Hash 44f474ad795f2c9a6ba3e00ba7d3e0ce fca7a12113dc770c62721146decd70697384e78f b23f5c96634b513c51b13397c53b235960fed3f771e72923c0d557e4e0830e5c Loading...

	unknown	2.1 kB	2023-03-07	2024-05-12
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:02 Last Seen2024-05-12 16:49:43 Times Seen264 Hash 3a3fa1f807c678e04fa94fa684069231 c26e333abe0f139338a79d09557d433bab245107 95464e5d88d803be95b2ee15ce8668f1dc99b75f6aadd4379bc9fbcfba665ba5 Loading...

	instrumenttactics.com/a1/e8/91/a1e8916f3df739635783bc00fa07bfe6.js	84 kB	2024-05-05	2024-05-05
Pretty URL instrumenttactics.com/a1/e8/91/a1e8916f3df739635783bc00fa07bfe6.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 12:26:19 Last Seen2024-05-05 12:26:19 Times Seen2 Hash c26e996f21c853ce928f5bcda25cab70 271abd40fba2ac2116ffd398ef512e0a196a7408 d81f9bf87071b5ddf4535b995b3543f784a2b6fbf3caabd0b50be0c2490e7bc7 Loading...

	unknown	357 B	2023-03-12	2024-05-12
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 15:17:48 Last Seen2024-05-12 16:49:43 Times Seen261 Hash 00f88953f2d2d6770a8c26b60786c7a6 6cafe6508c1f114bf474f948fc6776a6131f3a72 1d996072b68082027d84ea8ccd0588497eb43fbfc4a2b2225bb443ff1424f4cc Loading...

	www.googletagmanager.com/gtag/js?id=G-ZMK4J7B2XT&l=dataLayer&cx=c	254 kB	2024-05-05	2024-05-05
Pretty URL www.googletagmanager.com/gtag/js?id=G-ZMK4J7B2XT&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 12:26:19 Last Seen2024-05-05 12:26:19 Times Seen2 Hash 072872fc7ffbad3f85412402c8018145 e35a4c38288300a744498a7a852d66c00f1554ec d02e484cf9c34d527c5dfa5f63cb26b178dac13e5eb63b57b34a4a8c6faedd47 Loading...

	unknown	109 B	2024-04-30	2024-05-12
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-30 13:38:56 Last Seen2024-05-12 16:49:43 Times Seen5 Hash 54ce6208bae15ef2583fe6ce4fd98cf2 b60d9fe7ecd7c6632a2ac5be9f2533a3eee4b598 2d456de677e422bacd21b3b6efa0e5fd3dceea9c8c3446d2046bb55543e2b6c5 Loading...

	www.teamos.xyz/js/vendor/vendor-compiled.js?_v=1d5fe3a2	43 kB	2023-03-07	2024-05-15
Pretty URL www.teamos.xyz/js/vendor/vendor-compiled.js?_v=1d5fe3a2 IP 104.21.71.43 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:26:34 Last Seen2024-05-15 20:44:27 Times Seen774 Hash 372b0c5f17990ad741c3d02593f63fe8 4e577cb859755cbf104a2334e6307a5291558689 ef5f0b7e161099d503298ab2d66a927f48401f992d188cd04415419b41dcd0b1 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 41d62dd1bfc71804a9ddd89486293a65	2.1 kB	2024-05-05	2024-05-05
Pretty Observations First Seen2024-05-05 12:26:19 Last Seen2024-05-05 12:26:19 Times Seen1 Hash 41d62dd1bfc71804a9ddd89486293a65 11443ad2c745e415562d037f5744009448f9b3ff 7c39f60a2f8c3c311e8ce245e2e4e384bd12a099c7f5f62a5bd3e258c272a17e Loading...

	#2 Eval - 2711fceaffbc4adbdef1e52afbde54de	15 kB	2023-03-07	2024-05-16
Pretty Observations First Seen2023-03-07 12:28:02 Last Seen2024-05-16 23:49:38 Times Seen310 Hash 2711fceaffbc4adbdef1e52afbde54de 62a2235b484940a2478213c3ff460153c3071fc3 21d093407e762467a0eb2435e960d0848f2a22eaa9c174a751b0a2203ec0fff7 Loading...

HTTP Transactions (50)

URL IP Response Size

www.teamos.xyz/data/assets/logo/TeamOSBanner.png

104.21.71.43

200 OK

42 kB

URL GET HTTP/3
www.teamos.xyz/data/assets/logo/TeamOSBanner.png
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
PNG image data, 440 x 190, 8-bit/color RGBA, non-interlaced
Size
42 kB (41495 bytes)
Hash
6d2647b327cb54f616dcbec207599df0
4e3e0baad833e44a3eb1e2052d3e78fd828180bf
b6201f6ed7ee1358eaad1b0dc43a16dd215f1175ceef43a3169c2e51b3a737a8

HTTP Headers

GET /data/assets/logo/TeamOSBanner.png HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=kzbg_xDMSW2__COn; xf_session=slAaP3L5bRF9FMyaWPbva3rwB23sktTm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 10:25:46 GMT
content-type: image/png
content-length: 41495
last-modified: Sun, 08 Jan 2023 06:26:05 GMT
etag: "63ba61fd-a217"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2067
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TC9ArQX9mTRmSuqIeZJw%2F%2BvTENFnNupQMXA6GRIrkWGpXsfBd114jchrsp4x9PhU%2Fg0%2FBljISb9ch5eqk3Wt074WbiAfFqcKMbNc0bgYBDRSPxlLzsy1DLnPnitApXO7tg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f00749ef8056a2-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/styles/fonts/fa/fa-regular-400.woff2?_v=5.15.3

104.21.71.43

200 OK

169 kB

URL GET HTTP/3
www.teamos.xyz/styles/fonts/fa/fa-regular-400.woff2?_v=5.15.3
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
Web Open Font Format (Version 2), TrueType, length 168768, version 331.-31261
Size
169 kB (168768 bytes)
Hash
d8689b99dce7c881d3130f3c91cfefdf
fb005c93930c13b3a5f449bbc75ba5ee23f609fa
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938

HTTP Headers

GET /styles/fonts/fa/fa-regular-400.woff2?_v=5.15.3 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.teamos.xyz/
DNT: 1
Connection: keep-alive
Cookie: xf_csrf=kzbg_xDMSW2__COn; xf_session=slAaP3L5bRF9FMyaWPbva3rwB23sktTm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 10:25:46 GMT
content-type: font/woff2
content-length: 168768
last-modified: Thu, 08 Dec 2022 23:00:00 GMT
etag: "63926c70-29340"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pAzccEDILWRZi1k3uoYswR7Jdeb%2FIcDjsr8RoPipHgiBXVdH7L5Rtxx%2B8u6S0z6zug4dpu01WAijCLjzL%2BkiOjok29%2Fvy22RmQAbY5Ih3S9U5M%2F81HCVUn0LnYESZFEoeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f00749df7456a2-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/styles/fonts/fa/fa-solid-900.woff2?_v=5.15.3

104.21.71.43

200 OK

137 kB

URL GET HTTP/3
www.teamos.xyz/styles/fonts/fa/fa-solid-900.woff2?_v=5.15.3
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
Web Open Font Format (Version 2), TrueType, length 136824, version 331.-31261
Size
137 kB (136824 bytes)
Hash
978b27ec5d8b81d2b15aa28aaaae1fcb
76625967fe113a088e0627605b9d1bbfb8a5e47c
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c

HTTP Headers

GET /styles/fonts/fa/fa-solid-900.woff2?_v=5.15.3 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.teamos.xyz/
DNT: 1
Connection: keep-alive
Cookie: xf_csrf=kzbg_xDMSW2__COn; xf_session=slAaP3L5bRF9FMyaWPbva3rwB23sktTm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 10:25:46 GMT
content-type: font/woff2
content-length: 136824
last-modified: Thu, 08 Dec 2022 23:00:00 GMT
etag: "63926c70-21678"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ccQ0om3P7iZijYiHQQa73kdHLYQAUzpReB8Fpb65dmEia0X2mm6T2HnyhSSnK5HQ7%2F%2F4kpm7adHnJooNV36CdyRLO0v%2BpUFbsXLhDkMKuMFptHNT6KB%2FvZXaJYSxHcj%2BSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f00749df7556a2-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/styles/fonts/fa/fa-brands-400.woff2?_v=5.15.3

104.21.71.43

200 OK

77 kB

URL GET HTTP/3
www.teamos.xyz/styles/fonts/fa/fa-brands-400.woff2?_v=5.15.3
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
Web Open Font Format (Version 2), TrueType, length 76740, version 331.-31261
Size
77 kB (76740 bytes)
Hash
0511670fe2f5405105a6760294c5c51d
61cb879dec4fa97ece0d2a26cd6767c66117841b
c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388

HTTP Headers

GET /styles/fonts/fa/fa-brands-400.woff2?_v=5.15.3 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.teamos.xyz/
DNT: 1
Connection: keep-alive
Cookie: xf_csrf=kzbg_xDMSW2__COn; xf_session=slAaP3L5bRF9FMyaWPbva3rwB23sktTm
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 10:25:46 GMT
content-type: font/woff2
content-length: 76740
last-modified: Thu, 08 Dec 2022 23:00:00 GMT
etag: "63926c70-12bc4"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f2AEl2CVVD72N5kM9yiDgMVcGzGMh0Haf%2BQpb0rpn9tXZJ8pUTSCD%2Bx%2B%2FsCZ7lpsklTjctIxXrP135iysGUy8m27cu6HMelUuV1VB7KhxJt65eD%2BWRq%2Bvd6nBkl1TPGI6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f00749df7656a2-OSL
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Open+Sans:400,700

142.250.74.106

200 OK

24 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
24 kB (24348 bytes)
Hash
044a764bbf4d8dac409c1b9e7660e03f
6d041681370c367e859222a5cb51f065dd606b21
5c5abfce05a4c74cf3bbf6022cfead30136b7793ec942368dd7a544875636623

HTTP Headers

GET /css?family=Open+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 May 2024 10:25:46 GMT
date: Sun, 05 May 2024 10:25:46 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.teamos.xyz/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=8&l=1&d=1714599685&k=034405c740f279c15adbbc41dfccb627ca90db04

104.21.71.43

200 OK

96 kB

URL GET HTTP/3
www.teamos.xyz/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=8&l=1&d=1714599685&k=034405c740f279c15adbbc41dfccb627ca90db04
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
ASCII text, with very long lines (63233)
Size
96 kB (96457 bytes)
Hash
ca8b60ddaf8efe6e6e2c8238947a2a20
7efd8f6ce98cf1dbe6f55729d7be5eea309846a4
86d0e326cd98c5c555669c9d8621176c085ca0646bb10479a4a8e1e8244b96e5

HTTP Headers

GET /css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=8&l=1&d=1714599685&k=034405c740f279c15adbbc41dfccb627ca90db04 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=kzbg_xDMSW2__COn; xf_session=slAaP3L5bRF9FMyaWPbva3rwB23sktTm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 10:25:46 GMT
content-type: text/css; charset=utf-8
x-frame-options: SAMEORIGIN
expires: Mon, 05 May 2025 10:25:46 GMT
last-modified: Wed, 01 May 2024 21:41:25 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s4Dfu9e38Jy0oNetXFrlb%2Bc2UcXVc64oS5H5VSedtkqdBCgV1uniJMvbZz3bR4IoOFQ60WpbFrzQkDgBGL2SSc7kXJOZuTtBFYjgypst6J5JQjcI%2Bc6sfTC8mjs%2Fr6Xbtw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f00749df7a56a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/css.php?css=public%3Acxf_top_navigation.less%2Cpublic%3Anode_list.less%2Cpublic%3Anotices.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Awidget_xentorrent_sidebar_tracker_stats.less%2Cpublic%3Aextra.less&s=8&l=1&d=1714599685&k=2b4c77b1bba55e2f6c2b40c9fe2cf79d1b72fe52

104.21.71.43

200 OK

17 kB

URL GET HTTP/3
www.teamos.xyz/css.php?css=public%3Acxf_top_navigation.less%2Cpublic%3Anode_list.less%2Cpublic%3Anotices.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Awidget_xentorrent_sidebar_tracker_stats.less%2Cpublic%3Aextra.less&s=8&l=1&d=1714599685&k=2b4c77b1bba55e2f6c2b40c9fe2cf79d1b72fe52
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
ASCII text, with very long lines (49132)
Size
17 kB (16741 bytes)
Hash
394c418197beab6a31b3281f3342bfac
3af77160350ff52f8d36b47365a118279f412ccb
0573e5c09f0c4164784b44f27da20fe3a50fb04b98ab1fadd5348b82543d0194

HTTP Headers

GET /css.php?css=public%3Acxf_top_navigation.less%2Cpublic%3Anode_list.less%2Cpublic%3Anotices.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Awidget_xentorrent_sidebar_tracker_stats.less%2Cpublic%3Aextra.less&s=8&l=1&d=1714599685&k=2b4c77b1bba55e2f6c2b40c9fe2cf79d1b72fe52 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=kzbg_xDMSW2__COn; xf_session=slAaP3L5bRF9FMyaWPbva3rwB23sktTm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 10:25:46 GMT
content-type: text/css; charset=utf-8
x-frame-options: SAMEORIGIN
expires: Mon, 05 May 2025 10:25:46 GMT
last-modified: Wed, 01 May 2024 21:41:25 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SlqyqX1iZdJh188fm1ON9sxss9dPoeAJKDMfnkWogwxbBO4NDrlVYO7AulENeyu6fqPooDJooDP1w329K8nlZEIGxQ2jUMfC4A5RSChINsBJDaYAq1SHwfOoDMQsH0uhCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f00749df7e56a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/js/xf/core-compiled.js?_v=1d5fe3a2

104.21.71.43

200 OK

110 kB

URL GET HTTP/3
www.teamos.xyz/js/xf/core-compiled.js?_v=1d5fe3a2
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
JavaScript source, ASCII text, with very long lines (16424)
Size
110 kB (109723 bytes)
Hash
d0ab265a4f68a45efc52408bd69a7f25
c57033113a290427c17a5cd1c94b1829aac06fed
abedeb2dbbfa0642370887c7fd082a1774f4e1f8129a4d9adba2908fe9e8b4d3

HTTP Headers

GET /js/xf/core-compiled.js?_v=1d5fe3a2 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=kzbg_xDMSW2__COn; xf_session=slAaP3L5bRF9FMyaWPbva3rwB23sktTm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 10:25:46 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=213917
etag: W/"63926c70-3439d"
expires: Tue, 07 May 2024 03:43:35 GMT
last-modified: Thu, 08 Dec 2022 23:00:00 GMT
strict-transport-security: max-age=15768000
vary: Accept-Encoding
cf-cache-status: HIT
age: 410082
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tknJ0%2Bofy1kLNKrJqKb3tolScRs%2FQ%2FUZrpZlLYxNdHpCG6eJC%2FmhN770rqLunfLU7pUF5Od9bzvaz9GLNWpo3%2F2h998ogil1hS4MlELVAnHLje4t%2BeJxI7KMNWrc5zr4AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f0074b996056a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/js/vendor/vendor-compiled.js?_v=1d5fe3a2

104.21.71.43

200 OK

61 kB

URL GET HTTP/3
www.teamos.xyz/js/vendor/vendor-compiled.js?_v=1d5fe3a2
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
JavaScript source, ASCII text, with very long lines (15908)
Size
61 kB (60961 bytes)
Hash
372b0c5f17990ad741c3d02593f63fe8
4e577cb859755cbf104a2334e6307a5291558689
ef5f0b7e161099d503298ab2d66a927f48401f992d188cd04415419b41dcd0b1

HTTP Headers

GET /js/vendor/vendor-compiled.js?_v=1d5fe3a2 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=kzbg_xDMSW2__COn; xf_session=slAaP3L5bRF9FMyaWPbva3rwB23sktTm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 10:25:46 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=43704
etag: W/"63926c70-aab8"
expires: Tue, 07 May 2024 03:43:35 GMT
last-modified: Thu, 08 Dec 2022 23:00:00 GMT
strict-transport-security: max-age=15768000
vary: Accept-Encoding
cf-cache-status: HIT
age: 401236
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BhE4hxIvwQFtdnkzY%2FeeJWfUhdPOu7qN4gPUV%2FYIkqrDx%2FabBOuYksOkpZBf2chfXXkeYMQLn6HVl%2FPEHDSt%2FEuWD6T4jowty%2FU%2B9DGvuJ5yJz3BHApQZF%2BFgF3GB57EzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f0074b996156a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2

216.58.207.227

200 OK

25 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 24984, version 1.0
Size
25 kB (24984 bytes)
Hash
303a79d404d97ccbb3d803088fc387d8
66e3525b79a1a58a63fe0934f31676dd40c7f033
7e510e61c497d334da21eccda06df5d3a428c9ea94d6903b6138e7c7255aba0f

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTUGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24984
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 11:39:23 GMT
expires: Sat, 03 May 2025 11:39:23 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:04:54 GMT
content-type: font/woff2
age: 168383
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.teamos.xyz/data/avatars/s/86/86944.jpg?1714866196

104.21.71.43

200 OK

1.0 kB

URL GET HTTP/3
www.teamos.xyz/data/avatars/s/86/86944.jpg?1714866196
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
PNG image data, 48 x 48, 8-bit colormap, non-interlaced
Size
1.0 kB (1015 bytes)
Hash
b8d640536f661ae127bcababccd0ebd9
da748443dd5f255ac38fae38470328f2bb65ebf1
524e705c6241d6e1c8e8a5843f33ceba1075dbf35fc7d551c47282e83ebcbe0d

HTTP Headers

GET /data/avatars/s/86/86944.jpg?1714866196 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=kzbg_xDMSW2__COn; xf_session=slAaP3L5bRF9FMyaWPbva3rwB23sktTm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 10:25:47 GMT
content-type: image/jpeg
content-length: 1015
last-modified: Sat, 04 May 2024 23:43:16 GMT
etag: "6636c814-3f7"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2385
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IACDz9kSi9eV58aK8LqDJjGiE64uJ1n1XZ40h%2FZCmNyyLi1hEwUpS8NDUuwRnBvKRveRJdxkjHZ7utJW9CNHXp6%2B3CzDXIwdmWM%2Bhemdt3RNWdbsh5HQdU3JhcWQvhhUqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f0074d3b6656a2-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/data/avatars/s/320/320439.jpg?1564837176

104.21.71.43

200 OK

1.6 kB

URL GET HTTP/3
www.teamos.xyz/data/avatars/s/320/320439.jpg?1564837176
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 48x48, components 3
Size
1.6 kB (1594 bytes)
Hash
b67e6752c2246a5ac1ded03db054fbbd
357dbaa8382e4ddb86d11b6a04d23fa25205a06f
3fbc752552542291b338951fb62ccc72ac6557dda4a035d3c7463edf7523befb

HTTP Headers

GET /data/avatars/s/320/320439.jpg?1564837176 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=kzbg_xDMSW2__COn; xf_session=slAaP3L5bRF9FMyaWPbva3rwB23sktTm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 10:25:47 GMT
content-type: image/jpeg
content-length: 1594
last-modified: Sat, 03 Aug 2019 12:59:36 GMT
etag: "5d458538-63a"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 809
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oT6SzzAp6FIjDKdoXQUjPLNpxFr3v3SeDSypKa3Lm6B8e0kxFolLRMW%2F4LkxIcULU8kCasqDLvA3eV2sJ0E2z88cBLzQU2j4tPkkeMORlzwl7qRV4vJDAnCEJMmc%2BFdXKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f0074d3b6556a2-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/data/avatars/s/10/10154.jpg?1710632396

104.21.71.43

200 OK

2.0 kB

URL GET HTTP/3
www.teamos.xyz/data/avatars/s/10/10154.jpg?1710632396
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 48x48, components 3
Size
2.0 kB (1962 bytes)
Hash
1ae90eb6ef7b7b1f2e89b12bc6e186e5
760bdb0af23e710f1c21b8055fd884c3bb5c230c
5107dc58275b02e4e30fd32ac7d95ff9acf247a78ced068285ad97813e378a60

HTTP Headers

GET /data/avatars/s/10/10154.jpg?1710632396 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=kzbg_xDMSW2__COn; xf_session=slAaP3L5bRF9FMyaWPbva3rwB23sktTm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 10:25:47 GMT
content-type: image/jpeg
content-length: 1962
last-modified: Sat, 16 Mar 2024 23:39:58 GMT
etag: "65f62dce-7aa"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2385
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yhmqa0%2FDq%2FN078jdaNOwvEece3TLUtOg%2Br0G682XmS37JBCXVvfC14ZZKnoFqq2qR%2FrxvkRXs5PbcMicSyY0ITCZ%2FfF7WvAmwoYJgjaM34uxklTx7ebb34U9PAs7kYG65Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f0074d3b6756a2-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/data/avatars/s/318/318500.jpg?1547550268

104.21.71.43

200 OK

1.6 kB

URL GET HTTP/3
www.teamos.xyz/data/avatars/s/318/318500.jpg?1547550268
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 48x48, components 3
Size
1.6 kB (1553 bytes)
Hash
3345a5b9c81d942b733208a0bd2237d3
8c7d22e1810a6db883843904b6ffde50c7672d6e
aaad7814d3bb254a6ead4aa566a31c79ef378df2a2eeac39d599aec2238d7afc

HTTP Headers

GET /data/avatars/s/318/318500.jpg?1547550268 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=kzbg_xDMSW2__COn; xf_session=slAaP3L5bRF9FMyaWPbva3rwB23sktTm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 10:25:47 GMT
content-type: image/jpeg
content-length: 1553
last-modified: Sat, 04 May 2019 23:47:08 GMT
etag: "5cce247c-611"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2385
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZQYuJwctfcGJ%2FLKaalOg1hY5wRqIhFMVD8pmSQwU5wv6LBpR93yXGiPLQ2jBEJPXtW3fT0iwLj7HNCx0OCVV7OQLsErbe%2FGNiqqQ6RNLeGRPKworGT2d%2F%2BOWrm%2FBvoAQ0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f0074d3b6956a2-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/data/avatars/s/465/465752.jpg?1618500454

104.21.71.43

200 OK

1.6 kB

URL GET HTTP/3
www.teamos.xyz/data/avatars/s/465/465752.jpg?1618500454
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 48x48, components 3
Size
1.6 kB (1635 bytes)
Hash
979598854c4848afac2f567328279e17
91d0b1c95516d52bcdb05a7fb5a2e4e57eb26d9e
ce0ebe8c6d3d0690ec357e050185b47dc5fe50db0f86b3a88559ca258fab72a0

HTTP Headers

GET /data/avatars/s/465/465752.jpg?1618500454 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=kzbg_xDMSW2__COn; xf_session=slAaP3L5bRF9FMyaWPbva3rwB23sktTm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 10:25:47 GMT
content-type: image/jpeg
content-length: 1635
last-modified: Thu, 15 Apr 2021 15:27:34 GMT
etag: "60785b66-663"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2385
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RUIsiFdR%2B9nVoCsPQ9WzfHaikKA8J61Ws9WCpKk1%2BChyNdj3bfL7a5EV1cfkRk3GqnzCOwPyR%2BbZb%2BDSHvNP18npDdw3NF6BP0vkZqcAV10muPqYHfdDYSIHqTsktnUtZw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f0074d3b6856a2-OSL
alt-svc: h3=":443"; ma=86400

static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387

104.16.80.73

200 OK

81 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
IP
104.16.80.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectcloudflareinsights.com
Fingerprint73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00
ValiditySun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT

File type
gzip compressed data, from Unix
Size
81 kB (81299 bytes)
Hash
96ecf1e2c2299632e360db7872e3bbf4
2246ef5b711aaff0b1ca946aa25d830b2790f41a
fc127e5573616fe8a90e223529b3e657a1a2e38b4cb304615e9d6fedfbb86cf7

HTTP Headers

GET /beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 10:25:46 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.4.1"
last-modified: Tue, 23 Apr 2024 12:12:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f00749f816b4fa-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.teamos.xyz/data/assets/logo/TeamOS.png

104.21.71.43

200 OK

21 kB

URL GET HTTP/3
www.teamos.xyz/data/assets/logo/TeamOS.png
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
21 kB (20927 bytes)
Hash
86270c1741a9db8f95b7d6fdef2c62b4
17a3a90ec7e9d33dd84a77509446bf64d73d2e9e
83c1feff94030b6ddf0e2105ef24f444520c4e0fe3a0e6bf618eced3d2725bd2

HTTP Headers

GET /data/assets/logo/TeamOS.png HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=kzbg_xDMSW2__COn; xf_session=slAaP3L5bRF9FMyaWPbva3rwB23sktTm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 10:25:47 GMT
content-type: image/png
content-length: 20927
last-modified: Fri, 14 May 2021 15:05:04 GMT
etag: "609e91a0-51bf"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2067
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EGX%2FDOzJTztnTGMFzQu%2BrCN%2FUCwILHtgTlkKDiTwV0aqIHRuCMiBWqN%2FSO8Z4OprE1vb5yuykwnd3zZnMzyBp%2Fu2Ok4TdsohvhKGdCnz7HBQqq2Zhljvn6QO%2FX6fTOHbOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f0074ecd4656a2-OSL
alt-svc: h3=":443"; ma=86400

instrumenttactics.com/7326f362b41f2b6bdb387bd9014ae95b/invoke.js

192.243.59.12

200 OK

9.8 kB

URL GET HTTP/1.1
instrumenttactics.com/7326f362b41f2b6bdb387bd9014ae95b/invoke.js
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectinstrumenttactics.com
FingerprintB3:B4:C7:34:36:45:7C:C8:57:0A:23:0A:32:B1:C8:72:96:4D:85:25
ValidityThu, 14 Mar 2024 07:34:53 GMT - Wed, 12 Jun 2024 07:34:52 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (26648), with no line terminators
Size
9.8 kB (9805 bytes)
Hash
a6bdf60a74431f4a2f0bdeb2ce878a9b
bc29ecdbca7e2cc36d06136c976870fe77d75d79
39edca034a1c7d6255ee20306dd257da68bfeab913065fa0d3b8d95e37ac9a42

HTTP Headers

GET /7326f362b41f2b6bdb387bd9014ae95b/invoke.js HTTP/1.1
Host: instrumenttactics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 May 2024 10:25:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8d1516e296f0e3d8c4edce52bb0e4a1e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

instrumenttactics.com/a1/e8/91/a1e8916f3df739635783bc00fa07bfe6.js

192.243.59.12

200 OK

31 kB

URL GET HTTP/1.1
instrumenttactics.com/a1/e8/91/a1e8916f3df739635783bc00fa07bfe6.js
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectinstrumenttactics.com
FingerprintB3:B4:C7:34:36:45:7C:C8:57:0A:23:0A:32:B1:C8:72:96:4D:85:25
ValidityThu, 14 Mar 2024 07:34:53 GMT - Wed, 12 Jun 2024 07:34:52 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
31 kB (30615 bytes)
Hash
c26e996f21c853ce928f5bcda25cab70
271abd40fba2ac2116ffd398ef512e0a196a7408
d81f9bf87071b5ddf4535b995b3543f784a2b6fbf3caabd0b50be0c2490e7bc7

HTTP Headers

GET /a1/e8/91/a1e8916f3df739635783bc00fa07bfe6.js HTTP/1.1
Host: instrumenttactics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 May 2024 10:25:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 29ec5fac5d2c375651299b925667d7d2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.googletagmanager.com/gtag/js?id=G-ZMK4J7B2XT&l=dataLayer&cx=c

142.250.74.168

200 OK

90 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-ZMK4J7B2XT&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
90 kB (89747 bytes)
Hash
072872fc7ffbad3f85412402c8018145
e35a4c38288300a744498a7a852d66c00f1554ec
d02e484cf9c34d527c5dfa5f63cb26b178dac13e5eb63b57b34a4a8c6faedd47

HTTP Headers

GET /gtag/js?id=G-ZMK4J7B2XT&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 May 2024 10:25:47 GMT
expires: Sun, 05 May 2024 10:25:47 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89747
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

proftrafficcounter.com/stats

18.185.9.67

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.9.67:443
ASN
#16509 AMAZON-02

Requested by
https://www.teamos.xyz/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
363fda1e2d663fb65aac4eeb365f9872
b37399c9d68dabf3467ab959224b25d20d392896
d812d3c0aa1068bf3f36c755881ec0a1ab774017183a06ca3a5d8883d04d940a

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 05 May 2024 10:25:47 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.teamos.xyz
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=2aaa5434-d5dc-4a5a-befe-3933b02dfc7f:1:1; expires=Wed, 03 May 2034 10:25:47 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.185.9.67

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.9.67:443
ASN
#16509 AMAZON-02

Requested by
https://www.teamos.xyz/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
72bc23830a438e96d55469d194baae3e
d633d4a2b3fa02e8e34c930c5a3341ff8090bbe2
bd1920fa201d5369f4a41deb8a3450d66bc73d7e07ba70245c851dd20bbc86f1

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 10:25:47 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.teamos.xyz
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=32950851-1a26-4672-8e47-d39f4f39deb3:1:1; expires=Wed, 03 May 2034 10:25:47 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

instrumenttactics.com/ae333e82cfaead9ba22e64954c139352/invoke.js

192.243.59.12

200 OK

12 kB

URL GET HTTP/1.1
instrumenttactics.com/ae333e82cfaead9ba22e64954c139352/invoke.js
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectinstrumenttactics.com
FingerprintB3:B4:C7:34:36:45:7C:C8:57:0A:23:0A:32:B1:C8:72:96:4D:85:25
ValidityThu, 14 Mar 2024 07:34:53 GMT - Wed, 12 Jun 2024 07:34:52 GMT

File type
JavaScript source, ASCII text, with very long lines (31286), with no line terminators
Size
12 kB (11836 bytes)
Hash
402603fbd65314f99b6cdc09466aa71b
f40a87a9baf5c90651a489bfdf6fcfcc0378900a
7ddc567684edb8440fc2d8a14fa8bd172f236c04b95d3cd0cf3976dc159a4e67

HTTP Headers

GET /ae333e82cfaead9ba22e64954c139352/invoke.js HTTP/1.1
Host: instrumenttactics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 May 2024 10:25:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2214e443ba9fe1dbcbb161c51601c3df
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.teamos.xyz/cdn-cgi/rum?

104.21.71.43

204 No Content

0 B

URL POST HTTP/3
www.teamos.xyz/cdn-cgi/rum?
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1051
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=kzbg_xDMSW2__COn; xf_session=slAaP3L5bRF9FMyaWPbva3rwB23sktTm; dom3ic8zudi28v8lr6fgphwffqoz0j6c=32950851-1a26-4672-8e47-d39f4f39deb3%3A1%3A1; _ga_ZMK4J7B2XT=GS1.1.1714904747.1.0.1714904747.0.0.0; _ga=GA1.1.1097531911.1714904748
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Sun, 05 May 2024 10:25:48 GMT
access-control-allow-origin: https://www.teamos.xyz
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 87f007535a7b56a2-OSL
x-frame-options: DENY
x-content-type-options: nosniff

unnecessarydispleasedleak.com/ntv.json?key=7326f362b41f2b6bdb387bd9014ae95b&vstc=4

172.240.253.132

200 OK

18 kB

URL GET HTTP/1.1
unnecessarydispleasedleak.com/ntv.json?key=7326f362b41f2b6bdb387bd9014ae95b&vstc=4
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectunnecessarydispleasedleak.com
FingerprintBB:24:D4:C6:12:71:47:B5:5E:A6:B5:D6:E8:C4:E5:F0:8D:76:49:BE
ValidityFri, 03 May 2024 09:20:20 GMT - Thu, 01 Aug 2024 09:20:19 GMT

File type
JSON text data
Size
18 kB (17665 bytes)
Hash
e564d473b123c50c3b096072a2fb3b0b
0a78528483cd3fdc8cb8671650cd62a86917b1bc
c1d2c3bab5535ecbe6a278953f53b4f7f11185b646cd19d29e6c9e2a4e656494

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ntv.json?key=7326f362b41f2b6bdb387bd9014ae95b&vstc=4 HTTP/1.1
Host: unnecessarydispleasedleak.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 May 2024 10:25:48 GMT
Content-Type: application/json
Content-Length: 17665
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.teamos.xyz
Access-Control-Allow-Origin: https://www.teamos.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17773605; expires=Mon, 06 May 2024 10:25:47 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 06 May 2024 10:25:48 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 May 2024 10:25:48 GMT; secure; SameSite=None
pdhtkv49=true; expires=Mon, 06 May 2024 10:25:48 GMT; secure; SameSite=None
uncs49=1; expires=Mon, 06 May 2024 10:25:48 GMT; secure; SameSite=None
nlec7326f362b41f2b6bdb387bd9014ae95b=[4991488,4991490,4991489]; expires=Sun, 05 May 2024 10:25:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d0ac4559e8ef79fbd2ac346e29dae2f2
Strict-Transport-Security: max-age=0; includeSubdomains

teachingwere.com/watch.1235023733721.js?key=ae333e82cfaead9ba22e64954c139352&kw=%5B%22team%22%2C%22os%22%2C%22your%22%2C%22only%22%2C%22destination%22%2C%22to%22%2C%22custom%22%2C%22os%22%5D&refer=https%3A%2F%2Fwww.teamos.xyz%2F&tz=0&dev=e&res=14.2071&uuid=32950851-1a26-4672-8e47-d39f4f39deb3%3A1%3A1

192.243.59.13

307 Temporary Redirect

0 B

URL GET HTTP/1.1
teachingwere.com/watch.1235023733721.js?key=ae333e82cfaead9ba22e64954c139352&kw=%5B%22team%22%2C%22os%22%2C%22your%22%2C%22only%22%2C%22destination%22%2C%22to%22%2C%22custom%22%2C%22os%22%5D&refer=https%3A%2F%2Fwww.teamos.xyz%2F&tz=0&dev=e&res=14.2071&uuid=32950851-1a26-4672-8e47-d39f4f39deb3%3A1%3A1
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectteachingwere.com
Fingerprint61:45:7D:82:FE:37:05:B6:95:24:35:E3:99:4F:C1:87:8C:CD:21:B7
ValidityFri, 03 May 2024 09:15:44 GMT - Thu, 01 Aug 2024 09:15:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1235023733721.js?key=ae333e82cfaead9ba22e64954c139352&kw=%5B%22team%22%2C%22os%22%2C%22your%22%2C%22only%22%2C%22destination%22%2C%22to%22%2C%22custom%22%2C%22os%22%5D&refer=https%3A%2F%2Fwww.teamos.xyz%2F&tz=0&dev=e&res=14.2071&uuid=32950851-1a26-4672-8e47-d39f4f39deb3%3A1%3A1 HTTP/1.1
Host: teachingwere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 05 May 2024 10:25:48 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.teamos.xyz
Access-Control-Allow-Origin: https://www.teamos.xyz
Access-Control-Allow-Credentials: true
Location: https://teachingwere.com/watch.1235023733721.js?dev=e&key=ae333e82cfaead9ba22e64954c139352&kw=%5B%22team%22%2C%22os%22%2C%22your%22%2C%22only%22%2C%22destination%22%2C%22to%22%2C%22custom%22%2C%22os%22%5D&pst=1714904808&refer=https%3A%2F%2Fwww.teamos.xyz%2F&res=14.2071&rmtc=t&shu=5aab010262aab2f619395a9511f212dc6d34bf616d38590c319ae62f219274471aae24926dbe3cfe93a386d694e68a19708bf1a8a4b1b7666d58af75a194e53ddc688eb3a3cd3022978f0b22b7168b4c038afafc10203d348b4c5df6c64d11&tz=0&uuid=32950851-1a26-4672-8e47-d39f4f39deb3%3A1%3A1
Set-Cookie: u_pl=17155452; expires=Mon, 06 May 2024 10:25:48 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzE1NTQ1MiwiayI6ImFlMzMzZTgyY2ZhZWFkOWJhMjJlNjQ5NTRjMTM5MzUyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODMyNTYxLCJwaWQiOjM4NzE4NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOCwiYWlkIjoyMywicHQiOjQsInBrIjoiYXM3MnhuaXRqIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnRlYW1vcy54eXovIiwiYXIiOltdfX0.vK4tJsWTw5CV2VlEaDdK8WeL0wD9fKt6UhZ2fr9PJ1M; expires=Sun, 05 May 2024 10:26:48 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3caf01cc91303e468f65d1e2fea1f8da
Strict-Transport-Security: max-age=0; includeSubdomains

unnecessarydispleasedleak.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRSujuNFQTHktpe5KLrIpLtn0pNxD4sxZgnGzbqr6Emp6uqZlKnuaqu6picjSHBB9uBhBC966nyTbHANi%2F4AF5ksiASE9C2HDXjzLuQsPQbHfdD9vu99r%2BF77%2FVXe%2Fac%2BLD0bPVdNRRS0sWlhlt%2F9SPPu1bfEIkd1AfLwSdB61pd99%2FoBA33tfqNKNxWi77rua7nevU1oaOuGixWIkR61PEaHbfR8hveUgsD%2FTQ31oGhDnj%2FnMxD8LL22FmACCdI4p9WI7OdqfT1t2MraaY0%2Bvzwg2Q7UXmCeAa72kE3ObzshjKna4%2BgkoOpXaj%2Bf41MlMT57RFYcnhpEqy%2FP%2FXJJKIEjD%2BPvD9BJCcQdIJQ3YXgpwQIOW5uIonv31Q6pzv%2FqrRSS1K7%2BBsiL0ntyQKS%2BOGKFIP6HSVtJlRiMOgWEIMJRG%2BC1B4jG85B5McIsy8h%2BB9k8WIDSby%2FaaSC4MV0diEmEN0JZDQCNQ5s9QgHtuvApg5iflYPPc9ruzyk7nInDJu8HbGAux5tdz3qucEybFjZGyFLRwjlCKHeRap3sS2%2BOV2ah7a%2FwmwVMNyByUrivLeLPi%2BQRwS5IcgpQS4I8owg7xcHXBrfFPe5NJZ5l9m%2FzM1irLLeHj1QWS9KCKgeQfNiLz0nL1Urcl5svYzt6KzebvpBtxn4rOV1fRYwzprLbcY7rteiUWeJwYgCwsxNpx6Kkly5%2BAypKMmzf6Vg9BhGHiMU86DWA80L0K0Cw%2BRBFtFYmcZgZwiuCqRZDdmOsyfPyZXpiTauEkThyfVs%2BOeNhwufI9QFUl3gU%2FGYoCfvjW%2BrnOzfVrkhP2%2BmmYjFkFbnu5PRLHrmwTvRTq40X181ox%2FeDCuhgkfvRybboAkXSc%2BQH1cE55FeUzqMyC%2Fr5sOI3bJma8XqxKYbt95aW49THRkjVDIBFSWpnewgFCV54ckX0z%2Fzqv0aQk%2BgbYHYnpDLgFDHCNNdmHRWM4pAyxlnqYPcFmPts1lRCgIZzThlBcz%2FOJvhsabV11QUe%2BYeeroGmt1FEhfo6wJ9WYDKEYx9bpyl%2BuT6799V8T2YrI2Z1LV9JrX8drrmkrxy0qnQXPVyYER19aZLg86S127TqM1a%2FnI38Dilfivwg4A2kZmy2%2F746B8AAAD%2F%2FwEAAP%2F%2FHUycu30EAAA%3D

172.240.253.132

200 OK

7 B

URL GET HTTP/1.1
unnecessarydispleasedleak.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRSujuNFQTHktpe5KLrIpLtn0pNxD4sxZgnGzbqr6Emp6uqZlKnuaqu6picjSHBB9uBhBC966nyTbHANi%2F4AF5ksiASE9C2HDXjzLuQsPQbHfdD9vu99r%2BF77%2FVXe%2Fac%2BLD0bPVdNRRS0sWlhlt%2F9SPPu1bfEIkd1AfLwSdB61pd99%2FoBA33tfqNKNxWi77rua7nevU1oaOuGixWIkR61PEaHbfR8hveUgsD%2FTQ31oGhDnj%2FnMxD8LL22FmACCdI4p9WI7OdqfT1t2MraaY0%2Bvzwg2Q7UXmCeAa72kE3ObzshjKna4%2BgkoOpXaj%2Bf41MlMT57RFYcnhpEqy%2FP%2FXJJKIEjD%2BPvD9BJCcQdIJQ3YXgpwQIOW5uIonv31Q6pzv%2FqrRSS1K7%2BBsiL0ntyQKS%2BOGKFIP6HSVtJlRiMOgWEIMJRG%2BC1B4jG85B5McIsy8h%2BB9k8WIDSby%2FaaSC4MV0diEmEN0JZDQCNQ5s9QgHtuvApg5iflYPPc9ruzyk7nInDJu8HbGAux5tdz3qucEybFjZGyFLRwjlCKHeRap3sS2%2BOV2ah7a%2FwmwVMNyByUrivLeLPi%2BQRwS5IcgpQS4I8owg7xcHXBrfFPe5NJZ5l9m%2FzM1irLLeHj1QWS9KCKgeQfNiLz0nL1Urcl5svYzt6KzebvpBtxn4rOV1fRYwzprLbcY7rteiUWeJwYgCwsxNpx6Kkly5%2BAypKMmzf6Vg9BhGHiMU86DWA80L0K0Cw%2BRBFtFYmcZgZwiuCqRZDdmOsyfPyZXpiTauEkThyfVs%2BOeNhwufI9QFUl3gU%2FGYoCfvjW%2BrnOzfVrkhP2%2BmmYjFkFbnu5PRLHrmwTvRTq40X181ox%2FeDCuhgkfvRybboAkXSc%2BQH1cE55FeUzqMyC%2Fr5sOI3bJma8XqxKYbt95aW49THRkjVDIBFSWpnewgFCV54ckX0z%2Fzqv0aQk%2BgbYHYnpDLgFDHCNNdmHRWM4pAyxlnqYPcFmPts1lRCgIZzThlBcz%2FOJvhsabV11QUe%2BYeeroGmt1FEhfo6wJ9WYDKEYx9bpyl%2BuT6799V8T2YrI2Z1LV9JrX8drrmkrxy0qnQXPVyYER19aZLg86S127TqM1a%2FnI38Dilfivwg4A2kZmy2%2F746B8AAAD%2F%2FwEAAP%2F%2FHUycu30EAAA%3D
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectunnecessarydispleasedleak.com
FingerprintBB:24:D4:C6:12:71:47:B5:5E:A6:B5:D6:E8:C4:E5:F0:8D:76:49:BE
ValidityFri, 03 May 2024 09:20:20 GMT - Thu, 01 Aug 2024 09:20:19 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRSujuNFQTHktpe5KLrIpLtn0pNxD4sxZgnGzbqr6Emp6uqZlKnuaqu6picjSHBB9uBhBC966nyTbHANi%2F4AF5ksiASE9C2HDXjzLuQsPQbHfdD9vu99r%2BF77%2FVXe%2Fac%2BLD0bPVdNRRS0sWlhlt%2F9SPPu1bfEIkd1AfLwSdB61pd99%2FoBA33tfqNKNxWi77rua7nevU1oaOuGixWIkR61PEaHbfR8hveUgsD%2FTQ31oGhDnj%2FnMxD8LL22FmACCdI4p9WI7OdqfT1t2MraaY0%2Bvzwg2Q7UXmCeAa72kE3ObzshjKna4%2BgkoOpXaj%2Bf41MlMT57RFYcnhpEqy%2FP%2FXJJKIEjD%2BPvD9BJCcQdIJQ3YXgpwQIOW5uIonv31Q6pzv%2FqrRSS1K7%2BBsiL0ntyQKS%2BOGKFIP6HSVtJlRiMOgWEIMJRG%2BC1B4jG85B5McIsy8h%2BB9k8WIDSby%2FaaSC4MV0diEmEN0JZDQCNQ5s9QgHtuvApg5iflYPPc9ruzyk7nInDJu8HbGAux5tdz3qucEybFjZGyFLRwjlCKHeRap3sS2%2BOV2ah7a%2FwmwVMNyByUrivLeLPi%2BQRwS5IcgpQS4I8owg7xcHXBrfFPe5NJZ5l9m%2FzM1irLLeHj1QWS9KCKgeQfNiLz0nL1Urcl5svYzt6KzebvpBtxn4rOV1fRYwzprLbcY7rteiUWeJwYgCwsxNpx6Kkly5%2BAypKMmzf6Vg9BhGHiMU86DWA80L0K0Cw%2BRBFtFYmcZgZwiuCqRZDdmOsyfPyZXpiTauEkThyfVs%2BOeNhwufI9QFUl3gU%2FGYoCfvjW%2BrnOzfVrkhP2%2BmmYjFkFbnu5PRLHrmwTvRTq40X181ox%2FeDCuhgkfvRybboAkXSc%2BQH1cE55FeUzqMyC%2Fr5sOI3bJma8XqxKYbt95aW49THRkjVDIBFSWpnewgFCV54ckX0z%2Fzqv0aQk%2BgbYHYnpDLgFDHCNNdmHRWM4pAyxlnqYPcFmPts1lRCgIZzThlBcz%2FOJvhsabV11QUe%2BYeeroGmt1FEhfo6wJ9WYDKEYx9bpyl%2BuT6799V8T2YrI2Z1LV9JrX8drrmkrxy0qnQXPVyYER19aZLg86S127TqM1a%2FnI38Dilfivwg4A2kZmy2%2F746B8AAAD%2F%2FwEAAP%2F%2FHUycu30EAAA%3D HTTP/1.1
Host: unnecessarydispleasedleak.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: u_pl=17773605; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec7326f362b41f2b6bdb387bd9014ae95b=[4991488,4991490,4991489]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 May 2024 10:25:48 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0fd128be5f5a28381975a3135479ad62
Strict-Transport-Security: max-age=0; includeSubdomains

teachingwere.com/watch.1235023733721.js?dev=e&key=ae333e82cfaead9ba22e64954c139352&kw=%5B%22team%22%2C%22os%22%2C%22your%22%2C%22only%22%2C%22destination%22%2C%22to%22%2C%22custom%22%2C%22os%22%5D&pst=1714904808&refer=https%3A%2F%2Fwww.teamos.xyz%2F&res=14.2071&rmtc=t&shu=5aab010262aab2f619395a9511f212dc6d34bf616d38590c319ae62f219274471aae24926dbe3cfe93a386d694e68a19708bf1a8a4b1b7666d58af75a194e53ddc688eb3a3cd3022978f0b22b7168b4c038afafc10203d348b4c5df6c64d11&tz=0&uuid=32950851-1a26-4672-8e47-d39f4f39deb3%3A1%3A1

192.243.59.13

200 OK

2.0 kB

URL GET HTTP/1.1
teachingwere.com/watch.1235023733721.js?dev=e&key=ae333e82cfaead9ba22e64954c139352&kw=%5B%22team%22%2C%22os%22%2C%22your%22%2C%22only%22%2C%22destination%22%2C%22to%22%2C%22custom%22%2C%22os%22%5D&pst=1714904808&refer=https%3A%2F%2Fwww.teamos.xyz%2F&res=14.2071&rmtc=t&shu=5aab010262aab2f619395a9511f212dc6d34bf616d38590c319ae62f219274471aae24926dbe3cfe93a386d694e68a19708bf1a8a4b1b7666d58af75a194e53ddc688eb3a3cd3022978f0b22b7168b4c038afafc10203d348b4c5df6c64d11&tz=0&uuid=32950851-1a26-4672-8e47-d39f4f39deb3%3A1%3A1
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectteachingwere.com
Fingerprint61:45:7D:82:FE:37:05:B6:95:24:35:E3:99:4F:C1:87:8C:CD:21:B7
ValidityFri, 03 May 2024 09:15:44 GMT - Thu, 01 Aug 2024 09:15:43 GMT

File type
JavaScript source, ASCII text, with very long lines (2430)
Size
2.0 kB (1969 bytes)
Hash
3be27c85bafd4721cb1189cc46e0f8d5
2144172920183ddef4f8e665894c5d38f1e692c5
f11bca7f8da42ef38568b0b8db35bc8c76d358d6e70462363bdbe6ff670226be

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1235023733721.js?dev=e&key=ae333e82cfaead9ba22e64954c139352&kw=%5B%22team%22%2C%22os%22%2C%22your%22%2C%22only%22%2C%22destination%22%2C%22to%22%2C%22custom%22%2C%22os%22%5D&pst=1714904808&refer=https%3A%2F%2Fwww.teamos.xyz%2F&res=14.2071&rmtc=t&shu=5aab010262aab2f619395a9511f212dc6d34bf616d38590c319ae62f219274471aae24926dbe3cfe93a386d694e68a19708bf1a8a4b1b7666d58af75a194e53ddc688eb3a3cd3022978f0b22b7168b4c038afafc10203d348b4c5df6c64d11&tz=0&uuid=32950851-1a26-4672-8e47-d39f4f39deb3%3A1%3A1 HTTP/1.1
Host: teachingwere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.teamos.xyz
Referer: https://www.teamos.xyz/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17155452; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzE1NTQ1MiwiayI6ImFlMzMzZTgyY2ZhZWFkOWJhMjJlNjQ5NTRjMTM5MzUyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODMyNTYxLCJwaWQiOjM4NzE4NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOCwiYWlkIjoyMywicHQiOjQsInBrIjoiYXM3MnhuaXRqIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnRlYW1vcy54eXovIiwiYXIiOltdfX0.vK4tJsWTw5CV2VlEaDdK8WeL0wD9fKt6UhZ2fr9PJ1M
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 May 2024 10:25:48 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.teamos.xyz
Access-Control-Allow-Origin: https://www.teamos.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=32950851-1a26-4672-8e47-d39f4f39deb3:1:1; expires=Sun, 12 May 2024 10:25:48 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 06 May 2024 10:25:48 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 May 2024 10:25:48 GMT; secure; SameSite=None
pdhtkv23=true; expires=Mon, 06 May 2024 10:25:48 GMT; secure; SameSite=None
uncs23=1; expires=Mon, 06 May 2024 10:25:48 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c387604674918329343bb49130f12279
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

unnecessarydispleasedleak.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRSujuNFQTHktpe5KLrIpLtn0pNxD4sxZgnGzbqr6Emp6uqZlKnuaqu6picjSHBB9iKM4EVPnW%2BSDa5h0R%2FgIpMFkYCQvuWwAW%2FehZylZ4OjD4r3vfpewffeV1%2Ft2XPiw9Kz1XfVUEhJF5cabv3VjzzvWn1DJHZQHywHnwSta3Xdf6MTNNzX6jeicFst%2Bq7nup7r1deEjrpqsFiREOlRx2t03EbLb3hLLQz0%2F2tjHRjqgPfPyTwEL2uPnQWIcIIk%2Fmk1MtuZSl9%2FO7aSZkqjzw8%2FSLYTlSeIZ7CrHXSTw8tuKHO69ggqOZjKher%2F28hESZzfHoElh5ciwfr7U51MIkrA%2BPPI%2BxNEcgJBJwjVXQh%2BSoCQ4%2BYmkvj%2BTaVzuvOUpRVbktrF3xB5SWpPFpDED1ekGNTvKGkzoRKDQbeAGEwgehOk9hjZcA4iP0aYfQnB%2FyCLFxtI4v1NIxUEL6azCzGB6E4goxGocWCrIxzYrgObOoj5WT30PK%2Ft8pC6y50wbPJ2xALuerTd9ajnBsuwYSVvhCwdIZQjhHoXqd7FtvjmdGke2v4Ks1XAcAcmK4nz3i76vEAeEeSGIKcEuSDIM4K8XxxwaXxT3OfSWOZdZv8yN4uxynp79EBlvSghoHoEzYu99Jy8VK3IebH1Mrajs3q76QfdZuCzltf1WcA4ay63Ge%2B4XotGnSUGIwoIMzedeihKcuXiM6SiJM%2F%2BlYLRYxh5jFDMg1oPNC9AtwoMkwdZRGNlGoOdIbgqkGY1ZDvOnjwnV6YWbVx1EIUn17PhnzceLnyOUBdIdYFPxWOCnrw3vq1ysn9b5Yb8vJlmIhZDWtl3J6NZ9MyDd6KdXGm%2BvmpGP7wZVkQFj96PTLZBEy6SniE%2FrgjOI72mdBiRX9bNhxG7Zc3WitWJTTduvbW2Hqc6MkaoZAIqSlI72UEoSvLCky%2BmP%2FOq%2FRpCT6BtgdiekMuAUMcI012YdKbfKAItZz0srSG3xVj7bHYpBYGMZjVlBcx%2FajbDY02r11QUe%2BYeeroGmt1FEhfo6wJ9WYDKEYx9bpyl%2BuT6799V8T2YrI2Z1LV9JrX8tlozKckrJ50KzT3duhGV602XBp0lr92mUZu1%2FOVu4HFK%2FVbgBwFtIjNlt%2F3x0T8AAAD%2F%2FwEAAP%2F%2FSC6hvX0EAAA%3D

172.240.253.132

200 OK

7 B

URL GET HTTP/1.1
unnecessarydispleasedleak.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRSujuNFQTHktpe5KLrIpLtn0pNxD4sxZgnGzbqr6Emp6uqZlKnuaqu6picjSHBB9iKM4EVPnW%2BSDa5h0R%2FgIpMFkYCQvuWwAW%2FehZylZ4OjD4r3vfpewffeV1%2Ft2XPiw9Kz1XfVUEhJF5cabv3VjzzvWn1DJHZQHywHnwSta3Xdf6MTNNzX6jeicFst%2Bq7nup7r1deEjrpqsFiREOlRx2t03EbLb3hLLQz0%2F2tjHRjqgPfPyTwEL2uPnQWIcIIk%2Fmk1MtuZSl9%2FO7aSZkqjzw8%2FSLYTlSeIZ7CrHXSTw8tuKHO69ggqOZjKher%2F28hESZzfHoElh5ciwfr7U51MIkrA%2BPPI%2BxNEcgJBJwjVXQh%2BSoCQ4%2BYmkvj%2BTaVzuvOUpRVbktrF3xB5SWpPFpDED1ekGNTvKGkzoRKDQbeAGEwgehOk9hjZcA4iP0aYfQnB%2FyCLFxtI4v1NIxUEL6azCzGB6E4goxGocWCrIxzYrgObOoj5WT30PK%2Ft8pC6y50wbPJ2xALuerTd9ajnBsuwYSVvhCwdIZQjhHoXqd7FtvjmdGke2v4Ks1XAcAcmK4nz3i76vEAeEeSGIKcEuSDIM4K8XxxwaXxT3OfSWOZdZv8yN4uxynp79EBlvSghoHoEzYu99Jy8VK3IebH1Mrajs3q76QfdZuCzltf1WcA4ay63Ge%2B4XotGnSUGIwoIMzedeihKcuXiM6SiJM%2F%2BlYLRYxh5jFDMg1oPNC9AtwoMkwdZRGNlGoOdIbgqkGY1ZDvOnjwnV6YWbVx1EIUn17PhnzceLnyOUBdIdYFPxWOCnrw3vq1ysn9b5Yb8vJlmIhZDWtl3J6NZ9MyDd6KdXGm%2BvmpGP7wZVkQFj96PTLZBEy6SniE%2FrgjOI72mdBiRX9bNhxG7Zc3WitWJTTduvbW2Hqc6MkaoZAIqSlI72UEoSvLCky%2BmP%2FOq%2FRpCT6BtgdiekMuAUMcI012YdKbfKAItZz0srSG3xVj7bHYpBYGMZjVlBcx%2FajbDY02r11QUe%2BYeeroGmt1FEhfo6wJ9WYDKEYx9bpyl%2BuT6799V8T2YrI2Z1LV9JrX8tlozKckrJ50KzT3duhGV602XBp0lr92mUZu1%2FOVu4HFK%2FVbgBwFtIjNlt%2F3x0T8AAAD%2F%2FwEAAP%2F%2FSC6hvX0EAAA%3D
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectunnecessarydispleasedleak.com
FingerprintBB:24:D4:C6:12:71:47:B5:5E:A6:B5:D6:E8:C4:E5:F0:8D:76:49:BE
ValidityFri, 03 May 2024 09:20:20 GMT - Thu, 01 Aug 2024 09:20:19 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRSujuNFQTHktpe5KLrIpLtn0pNxD4sxZgnGzbqr6Emp6uqZlKnuaqu6picjSHBB9iKM4EVPnW%2BSDa5h0R%2FgIpMFkYCQvuWwAW%2FehZylZ4OjD4r3vfpewffeV1%2Ft2XPiw9Kz1XfVUEhJF5cabv3VjzzvWn1DJHZQHywHnwSta3Xdf6MTNNzX6jeicFst%2Bq7nup7r1deEjrpqsFiREOlRx2t03EbLb3hLLQz0%2F2tjHRjqgPfPyTwEL2uPnQWIcIIk%2Fmk1MtuZSl9%2FO7aSZkqjzw8%2FSLYTlSeIZ7CrHXSTw8tuKHO69ggqOZjKher%2F28hESZzfHoElh5ciwfr7U51MIkrA%2BPPI%2BxNEcgJBJwjVXQh%2BSoCQ4%2BYmkvj%2BTaVzuvOUpRVbktrF3xB5SWpPFpDED1ekGNTvKGkzoRKDQbeAGEwgehOk9hjZcA4iP0aYfQnB%2FyCLFxtI4v1NIxUEL6azCzGB6E4goxGocWCrIxzYrgObOoj5WT30PK%2Ft8pC6y50wbPJ2xALuerTd9ajnBsuwYSVvhCwdIZQjhHoXqd7FtvjmdGke2v4Ks1XAcAcmK4nz3i76vEAeEeSGIKcEuSDIM4K8XxxwaXxT3OfSWOZdZv8yN4uxynp79EBlvSghoHoEzYu99Jy8VK3IebH1Mrajs3q76QfdZuCzltf1WcA4ay63Ge%2B4XotGnSUGIwoIMzedeihKcuXiM6SiJM%2F%2BlYLRYxh5jFDMg1oPNC9AtwoMkwdZRGNlGoOdIbgqkGY1ZDvOnjwnV6YWbVx1EIUn17PhnzceLnyOUBdIdYFPxWOCnrw3vq1ysn9b5Yb8vJlmIhZDWtl3J6NZ9MyDd6KdXGm%2BvmpGP7wZVkQFj96PTLZBEy6SniE%2FrgjOI72mdBiRX9bNhxG7Zc3WitWJTTduvbW2Hqc6MkaoZAIqSlI72UEoSvLCky%2BmP%2FOq%2FRpCT6BtgdiekMuAUMcI012YdKbfKAItZz0srSG3xVj7bHYpBYGMZjVlBcx%2FajbDY02r11QUe%2BYeeroGmt1FEhfo6wJ9WYDKEYx9bpyl%2BuT6799V8T2YrI2Z1LV9JrX8tlozKckrJ50KzT3duhGV602XBp0lr92mUZu1%2FOVu4HFK%2FVbgBwFtIjNlt%2F3x0T8AAAD%2F%2FwEAAP%2F%2FSC6hvX0EAAA%3D HTTP/1.1
Host: unnecessarydispleasedleak.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: u_pl=17773605; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec7326f362b41f2b6bdb387bd9014ae95b=[4991488,4991490,4991489]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 05 May 2024 10:25:48 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 539b2d8300e13be8b63f7bbd8defe101
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.cloudimagesb.com/cti/a9/ff/a0/a9ffa01d67dc7ae81a6be78d9e8cba68/1607244955.png

45.133.44.10

200 OK

138 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/a9/ff/a0/a9ffa01d67dc7ae81a6be78d9e8cba68/1607244955.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 320 x 240, 8-bit/color RGB, non-interlaced
Size
138 kB (138228 bytes)
Hash
a1b5d3b0685e665b6700086c76d2e49a
bdd19c70246c8512f57fb78b141deb62c480062e
8f81d13ebe33c2b4a8080dda590f74de7185149f6453b5a7613dfdb5d352b06e

HTTP Headers

GET /cti/a9/ff/a0/a9ffa01d67dc7ae81a6be78d9e8cba68/1607244955.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 10:25:48 GMT
content-type: image/png
content-length: 138228
server: nginx/1.21.6
last-modified: Sun, 06 Dec 2020 08:56:05 GMT
etag: "5fcc9ca5-21bf4"
expires: Tue, 07 May 2024 10:25:48 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/si/62/f3/af/62f3afd73bea7438e3cb091f669622ff/1710839646.png

45.133.44.10

200 OK

120 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/62/f3/af/62f3afd73bea7438e3cb091f669622ff/1710839646.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced
Size
120 kB (119965 bytes)
Hash
c5a83c3079df6439410f74f3e8de6930
66dab231922cc92db7c41f49d7bdb7da1dfde08a
ee0745b5678c7e4277047ba8f87d53ee77e60a4985dace65c73b970521dbf1f8

HTTP Headers

GET /si/62/f3/af/62f3afd73bea7438e3cb091f669622ff/1710839646.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 10:25:48 GMT
content-type: image/png
content-length: 119965
server: nginx/1.21.6
last-modified: Tue, 19 Mar 2024 09:14:15 GMT
etag: "65f95767-1d49d"
expires: Tue, 07 May 2024 10:25:48 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/si/86/3f/08/863f08d585223246ad7d12f9b6d24043/1710839668.png

45.133.44.10

200 OK

105 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/86/3f/08/863f08d585223246ad7d12f9b6d24043/1710839668.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced
Size
105 kB (104949 bytes)
Hash
440d0ebcc9ae01aba77f74d9015ff0b3
9065b873ac93b45da1765682071eaaf6efe12e5c
7834596c29b94d74435163b3875c5042082912c1aff529986b0235cd9b7b27cc

HTTP Headers

GET /si/86/3f/08/863f08d585223246ad7d12f9b6d24043/1710839668.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 10:25:48 GMT
content-type: image/png
content-length: 104949
server: nginx/1.21.6
last-modified: Tue, 19 Mar 2024 09:14:37 GMT
etag: "65f9577d-199f5"
expires: Tue, 07 May 2024 10:25:48 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/si/df/e4/cd/dfe4cd324c2c05ad9bd4f1bcb4d0a97d/1707940211.png

45.133.44.10

200 OK

184 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/df/e4/cd/dfe4cd324c2c05ad9bd4f1bcb4d0a97d/1707940211.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced
Size
184 kB (183812 bytes)
Hash
adc709f858c8b4ff4ce26a2757b75131
c91b170aba4aafdca5690d29e17f61b6505e15c1
ad475e95022da6d65aec3479ad3b4ff6d36dc85bbc634d750cdd575ea1a985ce

HTTP Headers

GET /si/df/e4/cd/dfe4cd324c2c05ad9bd4f1bcb4d0a97d/1707940211.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 10:25:48 GMT
content-type: image/png
content-length: 183812
server: nginx/1.21.6
last-modified: Wed, 14 Feb 2024 19:50:20 GMT
etag: "65cd197c-2ce04"
expires: Tue, 07 May 2024 10:25:48 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/19/f2/1c/19f21c1bed9621680fc6d126709d678c/1627917293.png

45.133.44.10

200 OK

48 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/19/f2/1c/19f21c1bed9621680fc6d126709d678c/1627917293.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 728 x 90, 8-bit/color RGB, non-interlaced
Size
48 kB (48540 bytes)
Hash
407f211e032589d74fc4efbb9850dc01
aca22f4084875231eeb11c4fbb7578f6158c1613
3c840c1741fd2d23992a213bcfedd3da37a7fa73b3ac47c2607df77d49db93b8

HTTP Headers

GET /cti/19/f2/1c/19f21c1bed9621680fc6d126709d678c/1627917293.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 05 May 2024 10:25:48 GMT
content-type: image/png
content-length: 48540
server: nginx/1.21.6
last-modified: Mon, 02 Aug 2021 15:15:00 GMT
etag: "61080bf4-bd9c"
expires: Tue, 07 May 2024 10:25:48 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

unnecessarydispleasedleak.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRSuzo4XBcWQ217mougik%2B6eSU%2FGPSzGmCUYN%2BuuoielqqtnUqa6q63qmp6MIMEF2ZOM4EVPnW%2BSDa5h0R%2FgIpMFkYCQvuWwAW%2FehZylx%2BDog%2B73Xn2v4HvfV1%2Fu2XPiw9Kz1XfUUEhJF5cabv2VDz3ven1DJHZQHywHHwet63Xdf70TNNxX6zejcFst%2Bq7nup7r1deEjrpqsFiBEOlRx2t03EbLb3hLLQz0%2F3tjHRjqgPfPyTwEL2tPnAWIcIIk%2FnE1MtuZSl97K7aSZkqjzw%2FfT7YTlSeIZ2VXO%2Bgmh5fTUOZ07TFUcjClC9X%2Fd5CJkji%2FPgZLDi9JgvX3pzyZRJSA8eeQ9yeI5ASCThCqexD8lAAhx61NJPGDW0rndOcflFZoSWoXf0HkJak9XUASP1qRYlC%2Fq6TNhEoMBt0CYjCB6E2Q2mNkwzmI%2FBhh9gUE%2F50sXmwgifc3jVQQvJjuLsQEojuBjEagxoGtPuHAdh3Y1EHMz%2Bqh53ltl4fUXe6EYZO3IxZw16Ptrkc9N1iGDSt6I2TpCKEcIdS7SPUutsXXp0vz0PYXmK0ChjswWUmcd3fR5wXyiCA3BDklyAVBnhHk%2FeKAS%2BOb4gGXxjLvMvuXuVmMVdbbowcq60UJAdUjaF7spefkxUoi54XWS9iOzurtph90m4HPWl7XZwHjrLncZrzjei0adZYYjCggzNx066EoydWLT5GKkjzzZwpGj2HkMUIxD2o90LwA3SowTB5mEY2VaQx2huCqQJrVkO04e%2FKcXJ1atHFtDlF4ciMb%2FnHz0cJnCHWBVBf4RDwh6Mn74zsqJ%2Ft3VG7IT5tpJmIxpJV9dzOaRVcevh3t5Erz9VUz%2Bv6NsAKq8ui9yGQbNOEi6Rnyw4rgPNJrSocR%2BXndfBCx29ZsrVid2HTj9ptr63GqI2OESiagoiS1kx2EoiTPP%2F18%2BjKv2a8g9ATaFojtCbkMCHWMMN2FSWf8jSLQcjbD0ivIbTHWPpsdSkEgo1lPWQHzn57N6rGm1W0qij1zHz1dA83uIYkL9HWBvixA5QjGPjvOUn1y47dvq%2FgOTNbGTOraPpNaflPJTEry8klnKnj1c2BE5XrTpUFnyWu3adRmLX%2B5G3icUr8V%2BEFAm8hM2W1%2FdPQ3AAAA%2F%2F8BAAD%2F%2FyGvuQV9BAAA

192.243.59.12

200 OK

7 B

URL GET HTTP/1.1
unnecessarydispleasedleak.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRSuzo4XBcWQ217mougik%2B6eSU%2FGPSzGmCUYN%2BuuoielqqtnUqa6q63qmp6MIMEF2ZOM4EVPnW%2BSDa5h0R%2FgIpMFkYCQvuWwAW%2FehZylx%2BDog%2B73Xn2v4HvfV1%2Fu2XPiw9Kz1XfUUEhJF5cabv2VDz3ven1DJHZQHywHHwet63Xdf70TNNxX6zejcFst%2Bq7nup7r1deEjrpqsFiBEOlRx2t03EbLb3hLLQz0%2F3tjHRjqgPfPyTwEL2tPnAWIcIIk%2FnE1MtuZSl97K7aSZkqjzw%2FfT7YTlSeIZ2VXO%2Bgmh5fTUOZ07TFUcjClC9X%2Fd5CJkji%2FPgZLDi9JgvX3pzyZRJSA8eeQ9yeI5ASCThCqexD8lAAhx61NJPGDW0rndOcflFZoSWoXf0HkJak9XUASP1qRYlC%2Fq6TNhEoMBt0CYjCB6E2Q2mNkwzmI%2FBhh9gUE%2F50sXmwgifc3jVQQvJjuLsQEojuBjEagxoGtPuHAdh3Y1EHMz%2Bqh53ltl4fUXe6EYZO3IxZw16Ptrkc9N1iGDSt6I2TpCKEcIdS7SPUutsXXp0vz0PYXmK0ChjswWUmcd3fR5wXyiCA3BDklyAVBnhHk%2FeKAS%2BOb4gGXxjLvMvuXuVmMVdbbowcq60UJAdUjaF7spefkxUoi54XWS9iOzurtph90m4HPWl7XZwHjrLncZrzjei0adZYYjCggzNx066EoydWLT5GKkjzzZwpGj2HkMUIxD2o90LwA3SowTB5mEY2VaQx2huCqQJrVkO04e%2FKcXJ1atHFtDlF4ciMb%2FnHz0cJnCHWBVBf4RDwh6Mn74zsqJ%2Ft3VG7IT5tpJmIxpJV9dzOaRVcevh3t5Erz9VUz%2Bv6NsAKq8ui9yGQbNOEi6Rnyw4rgPNJrSocR%2BXndfBCx29ZsrVid2HTj9ptr63GqI2OESiagoiS1kx2EoiTPP%2F18%2BjKv2a8g9ATaFojtCbkMCHWMMN2FSWf8jSLQcjbD0ivIbTHWPpsdSkEgo1lPWQHzn57N6rGm1W0qij1zHz1dA83uIYkL9HWBvixA5QjGPjvOUn1y47dvq%2FgOTNbGTOraPpNaflPJTEry8klnKnj1c2BE5XrTpUFnyWu3adRmLX%2B5G3icUr8V%2BEFAm8hM2W1%2FdPQ3AAAA%2F%2F8BAAD%2F%2FyGvuQV9BAAA
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectunnecessarydispleasedleak.com
FingerprintBB:24:D4:C6:12:71:47:B5:5E:A6:B5:D6:E8:C4:E5:F0:8D:76:49:BE
ValidityFri, 03 May 2024 09:20:20 GMT - Thu, 01 Aug 2024 09:20:19 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRSuzo4XBcWQ217mougik%2B6eSU%2FGPSzGmCUYN%2BuuoielqqtnUqa6q63qmp6MIMEF2ZOM4EVPnW%2BSDa5h0R%2FgIpMFkYCQvuWwAW%2FehZylx%2BDog%2B73Xn2v4HvfV1%2Fu2XPiw9Kz1XfUUEhJF5cabv2VDz3ven1DJHZQHywHHwet63Xdf70TNNxX6zejcFst%2Bq7nup7r1deEjrpqsFiBEOlRx2t03EbLb3hLLQz0%2F3tjHRjqgPfPyTwEL2tPnAWIcIIk%2FnE1MtuZSl97K7aSZkqjzw%2FfT7YTlSeIZ2VXO%2Bgmh5fTUOZ07TFUcjClC9X%2Fd5CJkji%2FPgZLDi9JgvX3pzyZRJSA8eeQ9yeI5ASCThCqexD8lAAhx61NJPGDW0rndOcflFZoSWoXf0HkJak9XUASP1qRYlC%2Fq6TNhEoMBt0CYjCB6E2Q2mNkwzmI%2FBhh9gUE%2F50sXmwgifc3jVQQvJjuLsQEojuBjEagxoGtPuHAdh3Y1EHMz%2Bqh53ltl4fUXe6EYZO3IxZw16Ptrkc9N1iGDSt6I2TpCKEcIdS7SPUutsXXp0vz0PYXmK0ChjswWUmcd3fR5wXyiCA3BDklyAVBnhHk%2FeKAS%2BOb4gGXxjLvMvuXuVmMVdbbowcq60UJAdUjaF7spefkxUoi54XWS9iOzurtph90m4HPWl7XZwHjrLncZrzjei0adZYYjCggzNx066EoydWLT5GKkjzzZwpGj2HkMUIxD2o90LwA3SowTB5mEY2VaQx2huCqQJrVkO04e%2FKcXJ1atHFtDlF4ciMb%2FnHz0cJnCHWBVBf4RDwh6Mn74zsqJ%2Ft3VG7IT5tpJmIxpJV9dzOaRVcevh3t5Erz9VUz%2Bv6NsAKq8ui9yGQbNOEi6Rnyw4rgPNJrSocR%2BXndfBCx29ZsrVid2HTj9ptr63GqI2OESiagoiS1kx2EoiTPP%2F18%2BjKv2a8g9ATaFojtCbkMCHWMMN2FSWf8jSLQcjbD0ivIbTHWPpsdSkEgo1lPWQHzn57N6rGm1W0qij1zHz1dA83uIYkL9HWBvixA5QjGPjvOUn1y47dvq%2FgOTNbGTOraPpNaflPJTEry8klnKnj1c2BE5XrTpUFnyWu3adRmLX%2B5G3icUr8V%2BEFAm8hM2W1%2FdPQ3AAAA%2F%2F8BAAD%2F%2FyGvuQV9BAAA HTTP/1.1
Host: unnecessarydispleasedleak.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: u_pl=17773605; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec7326f362b41f2b6bdb387bd9014ae95b=[4991488,4991490,4991489]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 May 2024 10:25:48 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ef31cdcb802e0ab1ba7ac82e6f800da3
Strict-Transport-Security: max-age=0; includeSubdomains

unnecessarydispleasedleak.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWgkRReuDvP%2FBz2IcW97mYuiIpPunklPxj2IMUaCcbPuKgqCUtVVPSlT3dVWdU9P5hRckD2OoAc9db5JNrgG0bO4SGdBJCBkbjmYs3chePAgPQZHH3S%2F73vfa%2Fjee%2F3Jfn5BfOT0fO0NPZJK0aXlltt89l3Pu9HclEk%2BbA5Xgg%2BCzo2mGbzYC1ruc83XRLijl3zXc13P9Zrr0ohID5dqETI97nmtntvq%2BC1vuYOh%2BS%2B3uQNLHfDBBVmE5NPGI%2BcaZFghib9dE3Yn0%2BkLr8a5opk2GPCjt5OdRBcJ4jmMjIMoObrqhrZn6w%2Bhk8OZXejBP41MTonz00Ow5OjKJNjgYOaTKYgEjD%2BOYlBBqAqSVgj1XUh%2BRoCQ4%2BYWkvj%2BTW0Kuvu3Smt1ShqXv0MWU9L49RqS%2BJtVJYfNO1rlmdSJxTAqIYcVZL9Cmp8gGy1AFicIs48h%2BS9k6XITSXywZZWG5OVsdikryKiCEmNQ6yCvH%2BkgjxzkqYOYnzdDz%2FO6Lg%2Bpu9ILwzbvChZw16PdyKOeG6wgD2t7Y2TpGKEaIzR7SM0eduSnZ8uLMPmPsNslLHdgsylx3tzDgJcoBEFhCQpKUEiCIiMoBuUhV9a35X2ubM68q%2Bxf5XY50Vl%2Fnx7qrC8SAmrGMLzcTy%2FIk%2FWKnCc6T2NHnDe7bT%2BI2oHPOl7ks4Bx1l7pMt5zvQ4VvWUGK0tIuzCbeiSn5PrlR0jllPzvtxSMnsCqE4RyETT3QIsSdLvEKHmQCRpr2xrujsB1iTRrINt19tUFuT470TOnPYjwlFwFQlMiNSU%2BlI8I%2Bure5LYuyMFtXVjy3VaayViOaH2%2BOxnNxP8fvC52C234xpodf%2FVyWAs1PH5L2GyTJlwmfUu%2BXpWcC7OuTSjIDxv2HcFu5XZ7NTdJnm7eemV9I06NsFbqpAKVZ1t%2FIKwH%2B%2FPz2X%2F51HvfQ5oKJi8R53OnUlcI0z3YdF6zmsCoOWfpAoq8nBifzYtKEigx55SVsP%2FibI4nhtZfU1nu23vomwZodhdJXGJgSgxUCarGsPljkyw1py%2F9%2FEUdX4KpxoQp0zhgyqjPpmTzeTLbdI0W6pcDK%2Bubt10a9Ja9bpeKLuv4K1HgcUr9TuAHAW0js9Oo%2B%2F7xXwAAAP%2F%2FAQAA%2F%2F%2FPy8bzewQAAA%3D%3D

192.243.59.12

200 OK

7 B

URL GET HTTP/1.1
unnecessarydispleasedleak.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWgkRReuDvP%2FBz2IcW97mYuiIpPunklPxj2IMUaCcbPuKgqCUtVVPSlT3dVWdU9P5hRckD2OoAc9db5JNrgG0bO4SGdBJCBkbjmYs3chePAgPQZHH3S%2F73vfa%2Fjee%2F3Jfn5BfOT0fO0NPZJK0aXlltt89l3Pu9HclEk%2BbA5Xgg%2BCzo2mGbzYC1ruc83XRLijl3zXc13P9Zrr0ohID5dqETI97nmtntvq%2BC1vuYOh%2BS%2B3uQNLHfDBBVmE5NPGI%2BcaZFghib9dE3Yn0%2BkLr8a5opk2GPCjt5OdRBcJ4jmMjIMoObrqhrZn6w%2Bhk8OZXejBP41MTonz00Ow5OjKJNjgYOaTKYgEjD%2BOYlBBqAqSVgj1XUh%2BRoCQ4%2BYWkvj%2BTW0Kuvu3Smt1ShqXv0MWU9L49RqS%2BJtVJYfNO1rlmdSJxTAqIYcVZL9Cmp8gGy1AFicIs48h%2BS9k6XITSXywZZWG5OVsdikryKiCEmNQ6yCvH%2BkgjxzkqYOYnzdDz%2FO6Lg%2Bpu9ILwzbvChZw16PdyKOeG6wgD2t7Y2TpGKEaIzR7SM0eduSnZ8uLMPmPsNslLHdgsylx3tzDgJcoBEFhCQpKUEiCIiMoBuUhV9a35X2ubM68q%2Bxf5XY50Vl%2Fnx7qrC8SAmrGMLzcTy%2FIk%2FWKnCc6T2NHnDe7bT%2BI2oHPOl7ks4Bx1l7pMt5zvQ4VvWUGK0tIuzCbeiSn5PrlR0jllPzvtxSMnsCqE4RyETT3QIsSdLvEKHmQCRpr2xrujsB1iTRrINt19tUFuT470TOnPYjwlFwFQlMiNSU%2BlI8I%2Bure5LYuyMFtXVjy3VaayViOaH2%2BOxnNxP8fvC52C234xpodf%2FVyWAs1PH5L2GyTJlwmfUu%2BXpWcC7OuTSjIDxv2HcFu5XZ7NTdJnm7eemV9I06NsFbqpAKVZ1t%2FIKwH%2B%2FPz2X%2F51HvfQ5oKJi8R53OnUlcI0z3YdF6zmsCoOWfpAoq8nBifzYtKEigx55SVsP%2FibI4nhtZfU1nu23vomwZodhdJXGJgSgxUCarGsPljkyw1py%2F9%2FEUdX4KpxoQp0zhgyqjPpmTzeTLbdI0W6pcDK%2Bubt10a9Ja9bpeKLuv4K1HgcUr9TuAHAW0js9Oo%2B%2F7xXwAAAP%2F%2FAQAA%2F%2F%2FPy8bzewQAAA%3D%3D
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectunnecessarydispleasedleak.com
FingerprintBB:24:D4:C6:12:71:47:B5:5E:A6:B5:D6:E8:C4:E5:F0:8D:76:49:BE
ValidityFri, 03 May 2024 09:20:20 GMT - Thu, 01 Aug 2024 09:20:19 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQWgkRReuDvP%2FBz2IcW97mYuiIpPunklPxj2IMUaCcbPuKgqCUtVVPSlT3dVWdU9P5hRckD2OoAc9db5JNrgG0bO4SGdBJCBkbjmYs3chePAgPQZHH3S%2F73vfa%2Fjee%2F3Jfn5BfOT0fO0NPZJK0aXlltt89l3Pu9HclEk%2BbA5Xgg%2BCzo2mGbzYC1ruc83XRLijl3zXc13P9Zrr0ohID5dqETI97nmtntvq%2BC1vuYOh%2BS%2B3uQNLHfDBBVmE5NPGI%2BcaZFghib9dE3Yn0%2BkLr8a5opk2GPCjt5OdRBcJ4jmMjIMoObrqhrZn6w%2Bhk8OZXejBP41MTonz00Ow5OjKJNjgYOaTKYgEjD%2BOYlBBqAqSVgj1XUh%2BRoCQ4%2BYWkvj%2BTW0Kuvu3Smt1ShqXv0MWU9L49RqS%2BJtVJYfNO1rlmdSJxTAqIYcVZL9Cmp8gGy1AFicIs48h%2BS9k6XITSXywZZWG5OVsdikryKiCEmNQ6yCvH%2BkgjxzkqYOYnzdDz%2FO6Lg%2Bpu9ILwzbvChZw16PdyKOeG6wgD2t7Y2TpGKEaIzR7SM0eduSnZ8uLMPmPsNslLHdgsylx3tzDgJcoBEFhCQpKUEiCIiMoBuUhV9a35X2ubM68q%2Bxf5XY50Vl%2Fnx7qrC8SAmrGMLzcTy%2FIk%2FWKnCc6T2NHnDe7bT%2BI2oHPOl7ks4Bx1l7pMt5zvQ4VvWUGK0tIuzCbeiSn5PrlR0jllPzvtxSMnsCqE4RyETT3QIsSdLvEKHmQCRpr2xrujsB1iTRrINt19tUFuT470TOnPYjwlFwFQlMiNSU%2BlI8I%2Bure5LYuyMFtXVjy3VaayViOaH2%2BOxnNxP8fvC52C234xpodf%2FVyWAs1PH5L2GyTJlwmfUu%2BXpWcC7OuTSjIDxv2HcFu5XZ7NTdJnm7eemV9I06NsFbqpAKVZ1t%2FIKwH%2B%2FPz2X%2F51HvfQ5oKJi8R53OnUlcI0z3YdF6zmsCoOWfpAoq8nBifzYtKEigx55SVsP%2FibI4nhtZfU1nu23vomwZodhdJXGJgSgxUCarGsPljkyw1py%2F9%2FEUdX4KpxoQp0zhgyqjPpmTzeTLbdI0W6pcDK%2Bubt10a9Ja9bpeKLuv4K1HgcUr9TuAHAW0js9Oo%2B%2F7xXwAAAP%2F%2FAQAA%2F%2F%2FPy8bzewQAAA%3D%3D HTTP/1.1
Host: unnecessarydispleasedleak.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: u_pl=17773605; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec7326f362b41f2b6bdb387bd9014ae95b=[4991488,4991490,4991489]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 May 2024 10:25:48 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 17e41b39bd93a41ee4ff29bb045cf024
Strict-Transport-Security: max-age=0; includeSubdomains

www.teamos.xyz/cdn-cgi/rum?

104.21.71.43

204 No Content

0 B

URL POST HTTP/3
www.teamos.xyz/cdn-cgi/rum?
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 455
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 204 No Content
date: Sun, 05 May 2024 10:26:08 GMT
access-control-allow-origin: https://www.teamos.xyz
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 87f007d42d2e56a2-OSL
x-frame-options: DENY
x-content-type-options: nosniff

www.teamos.xyz/

104.21.71.43

200 OK

173 kB

URL User Request GET HTTP/3
www.teamos.xyz/
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type

Size
173 kB (172857 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 10:25:46 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Sun, 05 May 2024 10:25:46 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: private, no-cache, max-age=0
vary: Accept-Encoding
set-cookie: xf_csrf=kzbg_xDMSW2__COn; path=/; secure
xf_session=slAaP3L5bRF9FMyaWPbva3rwB23sktTm; path=/; secure; HttpOnly
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
priority: u=1,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lnxq7bIZW4w0vpn52Zq2owtST1ejuY0bCfj2brx0%2BkkBaDqXK6WWn0m%2Bsvkyu8SJCy73w1R%2F5JsITptVrpYiEZBtxiwt%2Fvvb%2B4xVjJgTee0rOKnW5jUklBmoacL6AY7yUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f007471cb756a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/favicon.ico

104.21.71.43

200 OK

180 kB

URL GET HTTP/3
www.teamos.xyz/favicon.ico
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
MS Windows icon resource - 9 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel
Size
180 kB (180396 bytes)
Hash
6d9396dc55f2e528b53aa081b562f91f
aba25e72d54c60252f233a4bcf2c5773a11e6359
f2678bc111d1e4768f668ea1d1d8bc086371b13f66688831fb7e5706f7d29638

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=kzbg_xDMSW2__COn; xf_session=slAaP3L5bRF9FMyaWPbva3rwB23sktTm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 10:25:47 GMT
content-type: image/x-icon
last-modified: Sun, 05 May 2019 15:07:05 GMT
vary: Accept-Encoding
etag: W/"5ccefc19-2c0ac"
expires: Wed, 22 May 2024 02:44:48 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 406104
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LLD3R2k8YZxawC2wHQXOa5d4WAyMHTkAiShVna8as1sQePjGBBOYBybOJyXp3mF1png8pzaxogYflH%2B4xKVX9XxJzAdA6%2F1Pv67Ajj7RYFx1TGzhUvYYR83CDy11NmqNKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f0074ecd4856a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/js/xf/preamble.min.js?_v=1d5fe3a2

104.21.71.43

200 OK

3.4 kB

URL GET HTTP/3
www.teamos.xyz/js/xf/preamble.min.js?_v=1d5fe3a2
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
JavaScript source, ASCII text, with very long lines (3549), with no line terminators
Size
3.4 kB (3379 bytes)
Hash
cb73021081c1542f2179421a07600c5f
3e1a9cfbcceabb20985ad1d294754a0cda74defe
497c070b11794ae6950d47f244ac42c4669cb9b4126162ad7417ea970a21da3b

HTTP Headers

GET /js/xf/preamble.min.js?_v=1d5fe3a2 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=kzbg_xDMSW2__COn; xf_session=slAaP3L5bRF9FMyaWPbva3rwB23sktTm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 10:25:46 GMT
content-type: application/javascript
last-modified: Thu, 08 Dec 2022 23:00:00 GMT
vary: Accept-Encoding
etag: W/"63926c70-d33"
expires: Tue, 07 May 2024 03:43:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 395131
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6tiVbBkJ4Ktx0eQT4ss%2BC09xzlTEyJTQId3OD0xxAfWWxV%2B%2FJv66qB07vsJJzJxCha0saj6APlL7nryZedVNHh4scBLEHBVC%2FWVLmP4vp5nrJCVDN9Suw2ByaN%2BwRcJkzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f0074ba96c56a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.170

200 OK

90 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
90 kB (89476 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 02:27:35 GMT
expires: Sat, 03 May 2025 02:27:35 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 201491
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-77872044-1

142.250.74.168

200 OK

208 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-77872044-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
208 kB (207550 bytes)
Hash
26dee4df2b1cf705f18f20c8460a833b
347a196d5f8965d7a25a132a774e831ceeb20458
21b8c55cc8b9ddac71e1adf1dcbb2ef6a200516f0c101857146494a97525b4a5

HTTP Headers

GET /gtag/js?id=UA-77872044-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 May 2024 10:25:47 GMT
expires: Sun, 05 May 2024 10:25:47 GMT
cache-control: private, max-age=900
last-modified: Sun, 05 May 2024 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74724
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:35:00 GMT
expires: Fri, 02 May 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 287446
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.teamos.xyz/images/dUy8t.gif

104.21.71.43

200 OK

23 kB

URL GET HTTP/3
www.teamos.xyz/images/dUy8t.gif
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
GIF image data, version 89a, 90 x 68
Size
23 kB (22768 bytes)
Hash
38be94eee10c04d248dc14b49a940b93
9d4fece605fc55c0ca18443c3018da3c34e40f05
8928b33dafb9036f74c4298b1e4097b90844fbed60bd41b8b9e3bbe4dcbda25b

HTTP Headers

GET /images/dUy8t.gif HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=8&l=1&d=1714599685&k=034405c740f279c15adbbc41dfccb627ca90db04
Cookie: xf_csrf=kzbg_xDMSW2__COn; xf_session=slAaP3L5bRF9FMyaWPbva3rwB23sktTm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 10:25:46 GMT
content-type: image/gif
content-length: 22768
last-modified: Sun, 07 May 2023 10:55:46 GMT
etag: "645783b2-58f0"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2066
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DYsiJhIvNrAWB4FGnhMe0ey3%2FWWnmzwqyU%2B6915bKNujstlscO78BwguTYgJKIh4OufhaqvaBKEEoNw7WSdqSFlT%2FtEqSBXakMahGO6U1jZxggriqas6jC6clMNDqX0BNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f0074b592956a2-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

104.21.71.43

200 OK

12 kB

URL GET HTTP/3
www.teamos.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
JavaScript source, ASCII text, with very long lines (12331)
Size
12 kB (12332 bytes)
Hash
88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=kzbg_xDMSW2__COn; xf_session=slAaP3L5bRF9FMyaWPbva3rwB23sktTm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 10:25:46 GMT
content-type: application/javascript
last-modified: Tue, 30 Apr 2024 15:20:25 GMT
etag: W/"66310c39-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ua%2BQFVwhmaABLl5VDm%2Fu16vRlMQaF%2BqAdduP%2BGhNgGIHqpibGqUkJiylHbfzd%2FpDxmDPX5KGE84IXjWgU0mWVJiH9GcofPWmoWMAFZglp5mlg%2FzAFriII7Y7vrcTmIo5MA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f00749ef8656a2-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Tue, 07 May 2024 10:25:46 GMT
cache-control: max-age=172800, public
content-encoding: gzip

my.teamos.xyz/00122c7a1952f860fa69cec93a11005c/announce7:comment39:Downloaded

104.21.71.43

302 Found

173 kB

URL User Request GET HTTP/2
my.teamos.xyz/00122c7a1952f860fa69cec93a11005c/announce7:comment39:Downloaded
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type

Size
173 kB (172857 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /00122c7a1952f860fa69cec93a11005c/announce7:comment39:Downloaded HTTP/1.1
Host: my.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sun, 05 May 2024 10:25:45 GMT
location: https://teamos.xyz
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gI%2FcqIWwzIFvUK9M2AqJXkg49mkSiwJQ6Qv%2FMin9IXlWOT3sX8Gt0lIwExYtlIswm1jI1Wv2GvABGqfgep83s2WDQfs2uRSMBP6EDaoBli86ilqdHEgveVCMCYvp81A%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f0073859fcb4ff-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

downstairsnegotiatebarren.com/sfp.js

188.114.97.1

200 OK

86 kB

URL GET HTTP/2
downstairsnegotiatebarren.com/sfp.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT

File type

Size
86 kB (85611 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 10:25:47 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: f82be0825fe72c4967d4d9c5c207dd26
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 05 May 2024 10:25:47 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IQP7vsybDx8eH4u6ZgFc31sHwpXRK%2FQEMbX9FVtEpELKJwnfLuvrViVzGyvbBCuDrYoCitYuayIdxuxpevYbhKER7xM1Pb23bL0Hyx%2FQPaqWwjNmtV4Z%2Fg0VSZa%2FX0rvweE967zW1DTEy%2B7zAFi%2Bvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f007514e2e56a9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:35:00 GMT
expires: Fri, 02 May 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 287446
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

teamos.xyz/

104.21.71.43

301 Moved Permanently

173 kB

URL User Request GET HTTP/3
teamos.xyz/
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type

Size
173 kB (172857 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 301 Moved Permanently
date: Sun, 05 May 2024 10:25:46 GMT
content-type: text/html
location: https://www.teamos.xyz/
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
priority: u=1,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vkWbk3J9fTDurB%2BEjsRQHF%2B0VA4wuP5W2e7jB3vqRDjV5sS12UzCptAMvywmwGLcmYjrjlwFEz4Dfe775%2BpD8YRvCDUZzzeuubBAOy%2Bao6SWO3rUHzZ2A5PDHl%2FG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f007465bba56a2-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/js/xf/notice.min.js?_v=1d5fe3a2

104.21.71.43

200 OK

3.7 kB

URL GET HTTP/3
www.teamos.xyz/js/xf/notice.min.js?_v=1d5fe3a2
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
FingerprintE3:D9:F6:C5:B2:E4:BC:3C:9A:F3:1A:E0:87:E4:4C:A3:E8:3C:CE:63
ValidityThu, 18 Apr 2024 10:12:20 GMT - Wed, 17 Jul 2024 10:12:19 GMT

File type
JavaScript source, ASCII text, with very long lines (3758), with no line terminators
Size
3.7 kB (3662 bytes)
Hash
dfe0222d5d182d0d6a9b43d5a6c7a39e
f0455388d72298f16ca08c8dcf5b85e18d54f659
c9a0822314b301039409542c323db4e053f62525ce8c5aa63c46a9c3a8a46ceb

HTTP Headers

GET /js/xf/notice.min.js?_v=1d5fe3a2 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=kzbg_xDMSW2__COn; xf_session=slAaP3L5bRF9FMyaWPbva3rwB23sktTm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 10:25:46 GMT
content-type: application/javascript
last-modified: Thu, 08 Dec 2022 23:00:00 GMT
vary: Accept-Encoding
etag: W/"63926c70-e4e"
expires: Tue, 07 May 2024 03:43:35 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 401237
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MOIxfQLmW6ds6dTIsVFl6b%2BdCLRtkqd5FW7krkG%2FjPm0xR2QmljAhp2GndjiVa7LKao9XXSkTO6bB3c58%2FLxZ1Her2RWuRYGULyH890taw%2By4nxAmvSmOLpcVBzENkSVJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f0074b995d56a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL