Report - my.teamos.xyz/00125f0b5c4b51868fe5ec0b88beb9c8/announce7:comment39:Downloaded

Report Overview

Visited public
2023-11-30 03:10:13
Tags
URL
my.teamos.xyz/00125f0b5c4b51868fe5ec0b88beb9c8/announce7:comment39:Downloaded
Finishing URL
www.teamos.xyz/
IP / ASN
104.21.71.43
#13335 CLOUDFLARENET
Title
Team OS : Your Only Destination To Custom OS !!

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12 17:15:41	2023-11-29 19:28:10	2.4 kB	159 kB	45.133.44.9
friendshipmale.com	unknown	2022-10-21	2022-10-21 14:15:25	2023-11-30 01:36:15	412 B	86 kB	172.64.98.2
teamos.xyz	unknown	2022-01-12	2022-01-13 02:39:54	2023-11-20 00:58:23	479 B	174 kB	104.21.71.43
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24 16:34:56	2023-11-29 07:41:02	506 B	20 kB	104.16.56.101
instrumenttactics.com	unknown	2022-01-23	2022-01-23 20:19:16	2023-11-24 03:41:46	1.3 kB	46 kB	192.243.59.12
demeanourgrade.com	unknown	unknown	No data	No data	2.5 kB	5.5 kB	192.243.59.12
perspirationfraction.com	unknown	2023-11-28	2023-11-28 10:04:26	2023-11-29 05:01:28	7.6 kB	20 kB	192.243.59.20
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-11-29 07:57:29	448 B	1.5 kB	142.250.74.106
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-11-29 06:55:16	455 B	32 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-11-29 07:17:12	1.1 kB	98 kB	216.58.207.227
proftrafficcounter.com	unknown	2023-11-16	2023-11-21 09:55:14	2023-11-28 18:22:43	441 B	421 B	35.157.159.40
my.teamos.xyz	unknown	2022-01-12	2022-04-13 15:58:04	2023-11-26 17:20:14	545 B	174 kB	104.21.71.43
www.teamos.xyz	unknown	2022-01-12	2022-04-13 15:58:04	2023-11-19 02:58:17	13 kB	1.3 MB	104.21.71.43
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-11-29 07:23:07	898 B	151 kB	216.58.211.8
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2023-11-29 07:07:27	350 B	942 B	143.204.53.97

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-11-30	medium	perspirationfraction.com	Sinkholed
2023-11-30	medium	perspirationfraction.com	Sinkholed
2023-11-30	medium	perspirationfraction.com	Sinkholed
2023-11-30	medium	perspirationfraction.com	Sinkholed
2023-11-30	medium	perspirationfraction.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (26)

	URL	From	Size	First Seen	Last Seen
	instrumenttactics.com/ae333e82cfaead9ba22e64954c139352/invoke.js	ScriptElement	30 kB	2023-11-30	2023-12-12
Pretty URL instrumenttactics.com/ae333e82cfaead9ba22e64954c139352/invoke.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 04:10 Last Seen2023-12-12 07:50 Times Seen14 Hash 887aa12faf1934b64571ef77225b3ca2 d3ce53473c934aae6d6afcbf42b2e6b5e2205e6a 7926a3996f43976898112ecb50687a0d30e6700ed961bd4f76ac3c8ddc2c88de Loading...

	unknown	ScriptElement	710 B	2023-03-07	2025-04-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28 Last Seen2025-04-21 20:57 Times Seen324 Hash 44f474ad795f2c9a6ba3e00ba7d3e0ce fca7a12113dc770c62721146decd70697384e78f b23f5c96634b513c51b13397c53b235960fed3f771e72923c0d557e4e0830e5c Loading...

	instrumenttactics.com/7326f362b41f2b6bdb387bd9014ae95b/invoke.js	ScriptElement	25 kB	2023-11-30	2023-12-03
Pretty URL instrumenttactics.com/7326f362b41f2b6bdb387bd9014ae95b/invoke.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 04:10 Last Seen2023-12-03 17:48 Times Seen2 Hash be0d299b5fdf5980b39919272a1d887e bd40460575f4bcfd014a2171a89606f0f5a3e3df b30059eda9d4cf7700eadd796c355e65c59b5c180e48d41b1f2dc834988b0716 Loading...

	unknown	ScriptElement	206 B	2023-03-07	2025-04-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28 Last Seen2025-04-21 20:57 Times Seen325 Hash 2700edffedbdaa40ab6a216ae8ced12f 573cb508bb36874954aa08c362370776cf73963c 35725d60531c253a1c499e18c6164aa07bcd1da0fa6e20e193b427e5970d8d09 Loading...

	unknown	ScriptElement	357 B	2023-03-12	2025-04-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 15:17 Last Seen2025-04-21 20:57 Times Seen324 Hash 00f88953f2d2d6770a8c26b60786c7a6 6cafe6508c1f114bf474f948fc6776a6131f3a72 1d996072b68082027d84ea8ccd0588497eb43fbfc4a2b2225bb443ff1424f4cc Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	ScriptElement	90 kB	2023-03-07	2025-05-11
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 23:21 Times Seen108984 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	www.googletagmanager.com/gtag/js?id=G-ZMK4J7B2XT&l=dataLayer&cx=c	ScriptElement	229 kB	2023-11-30	2023-11-30
Pretty URL www.googletagmanager.com/gtag/js?id=G-ZMK4J7B2XT&l=dataLayer&cx=c IP 216.58.211.8 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 04:10 Last Seen2023-11-30 04:10 Times Seen1 Hash 7fce082d095f9570be54b13303bba88a bc32520c32348babdeba5adcd883c540abca87d2 9cc77b5a21dc2c832e9f71a241fa9e58b7d42fd637e2e79df6df7dbdf5c50f58 Loading...

	friendshipmale.com/sfp.js	ScriptElement	86 kB	2023-11-23	2024-08-20
Pretty URL friendshipmale.com/sfp.js IP 172.64.98.2 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-23 18:35 Last Seen2024-08-20 18:08 Times Seen6307 Hash 924e967bca1d599992556a8d139b1c5a 222b09dbf164ddc03d39100fd0524a22018d28b2 ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95 Loading...

	www.teamos.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	ScriptElement	12 kB	2023-03-07	2025-05-11
Pretty URL www.teamos.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 104.21.71.43 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 23:17 Times Seen31331 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	unknown	ScriptElement	3.3 kB	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:23 Last Seen2024-08-20 17:23 Times Seen1 Hash 0305738f6a02fb26181311e3486eba5b 7ac3e45ab0e9aa1be9129b559fb81f850ef22ed4 ffd6d96502c8cb21c5552a53bb8e539288f36cef80dfd77ad7a2d173b13e3e82 Loading...

	unknown	ScriptElement	145 B	2023-03-12	2025-04-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 15:17 Last Seen2025-04-21 16:19 Times Seen303 Hash 56345684a4f92ef41f648d4d85464d99 a8c16ba1be3fb3c3dc7eff8358d223fc86cc3bde aa59fc72954112cea004fa466abb1ad524db3fa8321764f9699745769aea8d95 Loading...

	www.teamos.xyz/js/xf/notice.min.js?_v=eb121d40	ScriptElement	3.7 kB	2023-03-09	2025-04-22
Pretty URL www.teamos.xyz/js/xf/notice.min.js?_v=eb121d40 IP 104.21.71.43 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:27 Last Seen2025-04-22 18:47 Times Seen560 Hash b725cc9681612e5c4a6de094bbe33bd9 c2bd0760c401cf86e15fc2b941b14fa7901633e3 a5dcfd1d44af85302c19886c111e277273cca860febaae5f8cdb0de61733b44b Loading...

	unknown	ScriptElement	2.1 kB	2023-03-07	2025-04-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28 Last Seen2025-04-21 20:57 Times Seen328 Hash 3a3fa1f807c678e04fa94fa684069231 c26e333abe0f139338a79d09557d433bab245107 95464e5d88d803be95b2ee15ce8668f1dc99b75f6aadd4379bc9fbcfba665ba5 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-11
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 23:17 Times Seen341218 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	unknown	ScriptElement	4.9 kB	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 17:23 Last Seen2024-08-20 17:23 Times Seen1 Hash be35b3181a888f5e9c3fc7da2c97a4df 82089ce674abb9ef2fc7336db40b0abaaef1bbd0 b5290bd0250ec8b7c3e2a0e4872ad0aa1e5d1bf73f44cb23da501958037ae01b Loading...

	instrumenttactics.com/a1/e8/91/a1e8916f3df739635783bc00fa07bfe6.js	ScriptElement	60 kB	2023-11-30	2023-11-30
Pretty URL instrumenttactics.com/a1/e8/91/a1e8916f3df739635783bc00fa07bfe6.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 04:10 Last Seen2023-11-30 04:10 Times Seen1 Hash e6b9a0bda96e19bf447512379be8c5ca e02e47d1382e96e287d4c87a5282e9a96429a13a 2fc70a28dd4779a7b758ec4d194479ba01486bbfe996c686dc4e25059190f4e6 Loading...

	unknown	ScriptElement	109 B	2023-08-09	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-09 04:36 Last Seen2024-08-21 09:43 Times Seen223 Hash 7218713e2c8c16c0364d3becd32d81a4 ce616ff02d8ee78f7f8d611612c067bbb205b43d 5395f9f96240261e372e1e7f6acb440e3ea5e16d53e78e286d14001e16af5a46 Loading...

	www.teamos.xyz/js/vendor/vendor-compiled.js?_v=eb121d40	ScriptElement	43 kB	2023-03-07	2025-04-21
Pretty URL www.teamos.xyz/js/vendor/vendor-compiled.js?_v=eb121d40 IP 104.21.71.43 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:26 Last Seen2025-04-21 20:57 Times Seen408 Hash 372b0c5f17990ad741c3d02593f63fe8 4e577cb859755cbf104a2334e6307a5291558689 ef5f0b7e161099d503298ab2d66a927f48401f992d188cd04415419b41dcd0b1 Loading...

	www.teamos.xyz/sandbox%20eval%20code		147 B	2023-04-11	2025-05-11
Pretty URL www.teamos.xyz/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 23:17 Times Seen342020 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317	ScriptElement	20 kB	2023-10-13	2025-05-09
Pretty URL static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 IP 104.16.56.101 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-13 06:51 Last Seen2025-05-09 13:23 Times Seen17152 Hash dd1d068fdb5fe90b6c05a5b3940e088c 0d96f9df8772633a9df4c81cf323a4ef8998ba59 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101 Loading...

	www.googletagmanager.com/gtag/js?id=UA-77872044-1	ScriptElement	190 kB	2023-11-30	2023-11-30
Pretty URL www.googletagmanager.com/gtag/js?id=UA-77872044-1 IP 216.58.211.8 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 04:10 Last Seen2023-11-30 04:10 Times Seen1 Hash f189e4136d8952946f68d33d2636ee1b a1821cabbec863ab68a5542c28b69ae5b40d9acf 74e417693578f40564822b0089467f4161509f0c7a53bcae25207d966b8e0141 Loading...

	www.teamos.xyz/js/xf/preamble.min.js?_v=eb121d40	ScriptElement	3.4 kB	2023-03-09	2025-04-21
Pretty URL www.teamos.xyz/js/xf/preamble.min.js?_v=eb121d40 IP 104.21.71.43 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:27 Last Seen2025-04-21 20:57 Times Seen469 Hash 57c077607d1b4ba5bfeac6740d6e9576 8ce714d869d8f3b46eb3a7c7689920e1a85b0808 c803ce6d437915781a624a97755010f88deffd73bcf1a8e40fe98fc2d0e1ca3d Loading...

	www.teamos.xyz/js/xf/core-compiled.js?_v=eb121d40	ScriptElement	214 kB	2023-03-12	2025-04-17
Pretty URL www.teamos.xyz/js/xf/core-compiled.js?_v=eb121d40 IP 104.21.71.43 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 15:31 Last Seen2025-04-17 07:13 Times Seen327 Hash d0ab265a4f68a45efc52408bd69a7f25 c57033113a290427c17a5cd1c94b1829aac06fed abedeb2dbbfa0642370887c7fd082a1774f4e1f8129a4d9adba2908fe9e8b4d3 Loading...

	unknown	ScriptElement	14 kB	2023-03-07	2025-04-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28 Last Seen2025-04-21 20:57 Times Seen323 Hash b5bf3196e186c65f858bc7e486cf9cba 917caf23e7cac4ba0613ae06e6bf1b72c0e69c98 bb8411520f5e4a207375f13c7266dbdf5fb56fd58fa695c0d486ddf476346d02 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 2711fceaffbc4adbdef1e52afbde54de	15 kB	2023-03-07 12:28	2025-04-21 20:57
Pretty Observations First Seen2023-03-07 12:28 Last Seen2025-04-21 20:57 Times Seen383 Hash 2711fceaffbc4adbdef1e52afbde54de 62a2235b484940a2478213c3ff460153c3071fc3 21d093407e762467a0eb2435e960d0848f2a22eaa9c174a751b0a2203ec0fff7 Loading...

	#2 Eval - cafc08e5505a31b1e1dabb487208f7f4	2.1 kB	2024-08-20 17:23	2024-08-20 17:23
Pretty Observations First Seen2024-08-20 17:23 Last Seen2024-08-20 17:23 Times Seen1 Hash cafc08e5505a31b1e1dabb487208f7f4 eb538a833ac3ac6adebb6ddef1997ee04b5abb1c 6e96fa4e164e2a6b22b8ff5521f68edab1d1da60607b4bd9df60031676530a58 Loading...

HTTP Transactions (49)

URL IP Response Size

www.teamos.xyz/styles/fonts/fa/fa-regular-400.woff2?_v=5.15.3

104.21.71.43

200 OK

169 kB

URL GET HTTP/3
www.teamos.xyz/styles/fonts/fa/fa-regular-400.woff2?_v=5.15.3
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint48:6D:36:CD:4D:44:01:AF:5A:8A:73:DA:A7:0E:57:D2:3A:0E:FB:D7
ValidityTue, 24 Oct 2023 05:19:22 GMT - Mon, 22 Jan 2024 05:19:21 GMT

File type
Web Open Font Format (Version 2), TrueType, length 168768, version 331.-31261\012- data
Size
169 kB (168768 bytes)
Hash
d8689b99dce7c881d3130f3c91cfefdf
fb005c93930c13b3a5f449bbc75ba5ee23f609fa
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938

HTTP Headers

GET /styles/fonts/fa/fa-regular-400.woff2?_v=5.15.3 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.teamos.xyz/
DNT: 1
Connection: keep-alive
Cookie: xf_csrf=O9q5d51Dzrmu-HAD; xf_session=yhF2XBf4F3bPLuUJcpp_JdaQe3i7TiM0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 03:09:55 GMT
content-type: font/woff2
content-length: 168768
last-modified: Thu, 08 Dec 2022 23:00:00 GMT
etag: "63926c70-29340"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1215
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CM%2FUhwnN5YAl5TJvAhE5xWhL1nGRLf3uc29fuB2QtLXS2GupoIPffBKz6%2FlaP%2BrzkxXXWnBARrIhhdib6QpIqHiPuuWP%2BNaDyZzKo8utY%2BA5mSXpzd9pgD9ZORM0IH0pHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82dfe4f47b31568e-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/styles/fonts/fa/fa-solid-900.woff2?_v=5.15.3

104.21.71.43

200 OK

137 kB

URL GET HTTP/3
www.teamos.xyz/styles/fonts/fa/fa-solid-900.woff2?_v=5.15.3
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint48:6D:36:CD:4D:44:01:AF:5A:8A:73:DA:A7:0E:57:D2:3A:0E:FB:D7
ValidityTue, 24 Oct 2023 05:19:22 GMT - Mon, 22 Jan 2024 05:19:21 GMT

File type
Web Open Font Format (Version 2), TrueType, length 136824, version 331.-31261\012- data
Size
137 kB (136824 bytes)
Hash
978b27ec5d8b81d2b15aa28aaaae1fcb
76625967fe113a088e0627605b9d1bbfb8a5e47c
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c

HTTP Headers

GET /styles/fonts/fa/fa-solid-900.woff2?_v=5.15.3 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.teamos.xyz/
DNT: 1
Connection: keep-alive
Cookie: xf_csrf=O9q5d51Dzrmu-HAD; xf_session=yhF2XBf4F3bPLuUJcpp_JdaQe3i7TiM0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 03:09:55 GMT
content-type: font/woff2
content-length: 136824
last-modified: Thu, 08 Dec 2022 23:00:00 GMT
etag: "63926c70-21678"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1215
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uldnPMa4975Jqo%2BA7QRtfS9IFc128DyhD1uRXd099pZQrIkJOlHmttAcwMWs%2BdJ%2FsZE8r3DT7i8Fn8KWaaKc%2BAWlczBLZCfKGZ31JU8aIeOMFKVkKKGWn4nTgQEALryaTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82dfe4f48b38568e-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/styles/fonts/fa/fa-brands-400.woff2?_v=5.15.3

104.21.71.43

200 OK

77 kB

URL GET HTTP/3
www.teamos.xyz/styles/fonts/fa/fa-brands-400.woff2?_v=5.15.3
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint48:6D:36:CD:4D:44:01:AF:5A:8A:73:DA:A7:0E:57:D2:3A:0E:FB:D7
ValidityTue, 24 Oct 2023 05:19:22 GMT - Mon, 22 Jan 2024 05:19:21 GMT

File type
Web Open Font Format (Version 2), TrueType, length 76740, version 331.-31261\012- data
Size
77 kB (76740 bytes)
Hash
0511670fe2f5405105a6760294c5c51d
61cb879dec4fa97ece0d2a26cd6767c66117841b
c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388

HTTP Headers

GET /styles/fonts/fa/fa-brands-400.woff2?_v=5.15.3 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.teamos.xyz/
DNT: 1
Connection: keep-alive
Cookie: xf_csrf=O9q5d51Dzrmu-HAD; xf_session=yhF2XBf4F3bPLuUJcpp_JdaQe3i7TiM0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 03:09:55 GMT
content-type: font/woff2
content-length: 76740
last-modified: Thu, 08 Dec 2022 23:00:00 GMT
etag: "63926c70-12bc4"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1215
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ONugu%2FO8rGiuV%2FJkaAdE6T2l1sMkK72MagAeXaGHJmm0ZvqlWoFaxSwZFzAPBWYiSWOMbWTJWMEJcKvoULaYyMXK2rnCckR8fq1lF6J%2Bs121TMStujSBEk1y53jTbTvA0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82dfe4f48b39568e-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/data/assets/logo/TeamOSBanner.png

104.21.71.43

200 OK

42 kB

URL GET HTTP/3
www.teamos.xyz/data/assets/logo/TeamOSBanner.png
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint48:6D:36:CD:4D:44:01:AF:5A:8A:73:DA:A7:0E:57:D2:3A:0E:FB:D7
ValidityTue, 24 Oct 2023 05:19:22 GMT - Mon, 22 Jan 2024 05:19:21 GMT

File type
PNG image data, 440 x 190, 8-bit/color RGBA, non-interlaced\012- data
Size
42 kB (41495 bytes)
Hash
6d2647b327cb54f616dcbec207599df0
4e3e0baad833e44a3eb1e2052d3e78fd828180bf
b6201f6ed7ee1358eaad1b0dc43a16dd215f1175ceef43a3169c2e51b3a737a8

HTTP Headers

GET /data/assets/logo/TeamOSBanner.png HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=O9q5d51Dzrmu-HAD; xf_session=yhF2XBf4F3bPLuUJcpp_JdaQe3i7TiM0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 03:09:55 GMT
content-type: image/png
content-length: 41495
last-modified: Sun, 08 Jan 2023 06:26:05 GMT
etag: "63ba61fd-a217"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1215
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2CEW6SBTGwHMwO9uLdfoo31AjISZoFgy%2BOTWB4wps4pqP1pYnOzlXOKlM11H8FeMIeAJyHV%2F1PADiPbU4j9wjAhXb0q2DB2tcX9o3NSVUuDVLhzZEFnrLSZHR559IDpA8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82dfe4f48b3c568e-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/data/xfa/customusernameicons/icons/star.png

104.21.71.43

200 OK

670 B

URL GET HTTP/3
www.teamos.xyz/data/xfa/customusernameicons/icons/star.png
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint48:6D:36:CD:4D:44:01:AF:5A:8A:73:DA:A7:0E:57:D2:3A:0E:FB:D7
ValidityTue, 24 Oct 2023 05:19:22 GMT - Mon, 22 Jan 2024 05:19:21 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
670 B (670 bytes)
Hash
c8ca219ff43a2fb1dea67de2582123af
8fd08b1c430aa569e93d7fcd42f2f03b4ce57c02
9d3d2d2933fa0190f4ded95fabb5bde04bd1bbb0f040a8de93aeb0deda699b73

HTTP Headers

GET /data/xfa/customusernameicons/icons/star.png HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=O9q5d51Dzrmu-HAD; xf_session=yhF2XBf4F3bPLuUJcpp_JdaQe3i7TiM0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 03:09:55 GMT
content-type: image/png
content-length: 670
last-modified: Sun, 07 May 2023 17:28:57 GMT
etag: "6457dfd9-29e"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4247
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mX8KDxM43yyqQIeDc%2F1xNn7h0XqFlROuief3W8ecF8L4DvbB2y8S%2B1sz7ZttlRABYmqdAqBzc5C4hdDfd6QiGUgmnvIf3qrzAwDffcASmf2dwfo2YMvs8b7FMd%2B8EBfc3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82dfe4f48b3d568e-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/css.php?css=public%3Acxf_top_navigation.less%2Cpublic%3Anode_list.less%2Cpublic%3Anotices.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Awidget_xentorrent_sidebar_tracker_stats.less%2Cpublic%3Aextra.less&s=8&l=1&d=1701211431&k=2b4c77b1bba55e2f6c2b40c9fe2cf79d1b72fe52

104.21.71.43

200 OK

17 kB

URL GET HTTP/3
www.teamos.xyz/css.php?css=public%3Acxf_top_navigation.less%2Cpublic%3Anode_list.less%2Cpublic%3Anotices.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Awidget_xentorrent_sidebar_tracker_stats.less%2Cpublic%3Aextra.less&s=8&l=1&d=1701211431&k=2b4c77b1bba55e2f6c2b40c9fe2cf79d1b72fe52
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint48:6D:36:CD:4D:44:01:AF:5A:8A:73:DA:A7:0E:57:D2:3A:0E:FB:D7
ValidityTue, 24 Oct 2023 05:19:22 GMT - Mon, 22 Jan 2024 05:19:21 GMT

File type
ASCII text, with very long lines (49132)
Size
17 kB (16742 bytes)
Hash
394c418197beab6a31b3281f3342bfac
3af77160350ff52f8d36b47365a118279f412ccb
0573e5c09f0c4164784b44f27da20fe3a50fb04b98ab1fadd5348b82543d0194

HTTP Headers

GET /css.php?css=public%3Acxf_top_navigation.less%2Cpublic%3Anode_list.less%2Cpublic%3Anotices.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Awidget_xentorrent_sidebar_tracker_stats.less%2Cpublic%3Aextra.less&s=8&l=1&d=1701211431&k=2b4c77b1bba55e2f6c2b40c9fe2cf79d1b72fe52 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=O9q5d51Dzrmu-HAD; xf_session=yhF2XBf4F3bPLuUJcpp_JdaQe3i7TiM0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 03:09:55 GMT
content-type: text/css; charset=utf-8
x-frame-options: SAMEORIGIN
expires: Fri, 29 Nov 2024 03:09:55 GMT
last-modified: Tue, 28 Nov 2023 22:43:51 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDU7vffmR9lEB3%2FiGNSol82aY%2Ba7iuFadBRIasKFT%2FqLaw2CSvS%2BvN2kL8EObAoNLlTRAqByXn5f9Fsj7%2FvFyQYtkCnqOrcGLjVXBSDyeL1NzVPkkyoVhSyYE%2F7jh3e7RA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82dfe4f48b3b568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

104.21.71.43

200 OK

27 kB

URL GET HTTP/3
www.teamos.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint48:6D:36:CD:4D:44:01:AF:5A:8A:73:DA:A7:0E:57:D2:3A:0E:FB:D7
ValidityTue, 24 Oct 2023 05:19:22 GMT - Mon, 22 Jan 2024 05:19:21 GMT

File type
gzip compressed data, from Unix\012- data
Size
27 kB (26654 bytes)
Hash
3dcc36cb0610b5eca198ec6f7c3b8b87
734c0ad9ec1f4b888404ec9ee4c8558d47164c33
1fd697ec0c26fa7f6ea4f1ae359c7f47b4a2aee012ed1e715e88b5207bcd689c

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=O9q5d51Dzrmu-HAD; xf_session=yhF2XBf4F3bPLuUJcpp_JdaQe3i7TiM0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 03:09:55 GMT
content-type: application/javascript
last-modified: Mon, 27 Nov 2023 12:56:30 GMT
etag: W/"656491fe-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VB5v4FxG5mlvJLrxkYZe4LivjzqOq40xaqHy0C%2BbDJ622ruaCra3vcjSuXO2F03teKY8DehJvzOfOInh5ZmR5fvGyjuJyEy0BbT6WF6SNO5vLd6Dl53vXNt%2BcIpzrXDrVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82dfe4f4ab47568e-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 02 Dec 2023 03:09:55 GMT
cache-control: max-age=172800, public
content-encoding: gzip

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/3
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Nov 2023 23:18:54 GMT
expires: Wed, 27 Nov 2024 23:18:54 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 100261
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.teamos.xyz/js/xf/core-compiled.js?_v=eb121d40

104.21.71.43

200 OK

62 kB

URL GET HTTP/3
www.teamos.xyz/js/xf/core-compiled.js?_v=eb121d40
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint48:6D:36:CD:4D:44:01:AF:5A:8A:73:DA:A7:0E:57:D2:3A:0E:FB:D7
ValidityTue, 24 Oct 2023 05:19:22 GMT - Mon, 22 Jan 2024 05:19:21 GMT

File type
ASCII text, with very long lines (16424)
Size
62 kB (61959 bytes)
Hash
d0ab265a4f68a45efc52408bd69a7f25
c57033113a290427c17a5cd1c94b1829aac06fed
abedeb2dbbfa0642370887c7fd082a1774f4e1f8129a4d9adba2908fe9e8b4d3

HTTP Headers

GET /js/xf/core-compiled.js?_v=eb121d40 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=O9q5d51Dzrmu-HAD; xf_session=yhF2XBf4F3bPLuUJcpp_JdaQe3i7TiM0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 03:09:55 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=213917
etag: W/"63926c70-3439d"
expires: Mon, 27 Nov 2023 02:33:41 GMT
last-modified: Thu, 08 Dec 2022 23:00:00 GMT
strict-transport-security: max-age=15768000
vary: Accept-Encoding
cf-cache-status: HIT
age: 597918
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eAqaALpJ7MH1O0FOe%2FYwcvyQP78ycYq%2By0K65oejErAqR93tdD8cin130jN9q5%2FWtd0esPv8KATdxvX0wZ1jmN1x1VnIh3dbKSMCQQcC%2Bbj3EDV9ace8Mv5JNIPqwruWnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82dfe4f6dbc0568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=UA-77872044-1

216.58.211.8

200 OK

69 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-77872044-1
IP
216.58.211.8:443
ASN
#15169 GOOGLE

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (4179)
Size
69 kB (68680 bytes)
Hash
f189e4136d8952946f68d33d2636ee1b
a1821cabbec863ab68a5542c28b69ae5b40d9acf
74e417693578f40564822b0089467f4161509f0c7a53bcae25207d966b8e0141

HTTP Headers

GET /gtag/js?id=UA-77872044-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 30 Nov 2023 03:09:55 GMT
expires: Thu, 30 Nov 2023 03:09:55 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 68680
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:00:58 GMT
expires: Fri, 22 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 598137
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 05:00:58 GMT
expires: Fri, 22 Nov 2024 05:00:58 GMT
cache-control: public, max-age=31536000
age: 598137
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.teamos.xyz/data/avatars/s/478/478145.jpg?1545822597

104.21.71.43

200 OK

900 B

URL GET HTTP/3
www.teamos.xyz/data/avatars/s/478/478145.jpg?1545822597
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint48:6D:36:CD:4D:44:01:AF:5A:8A:73:DA:A7:0E:57:D2:3A:0E:FB:D7
ValidityTue, 24 Oct 2023 05:19:22 GMT - Mon, 22 Jan 2024 05:19:21 GMT

File type
GIF image data, version 89a, 48 x 48\012- data
Size
900 B (900 bytes)
Hash
dfbb3c36ac05f252e3b2b00fbee51752
fec45fc99fd26e28f21f17cb516cdf6ec6c236ed
32edcdff3797408a9de2fa56fea83d4dad772f9507846ae0498994505ce8c662

HTTP Headers

GET /data/avatars/s/478/478145.jpg?1545822597 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=O9q5d51Dzrmu-HAD; xf_session=yhF2XBf4F3bPLuUJcpp_JdaQe3i7TiM0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 03:09:55 GMT
content-type: image/jpeg
content-length: 900
last-modified: Sat, 04 May 2019 23:47:38 GMT
etag: "5cce249a-384"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1215
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M9CdKiSGPhci1dtx2Sk3oVWUZzJK6GVXVk9scttV2w9CJPksiOVaDIcLQll29RAaKojSzf0kWFYduot287m%2BHX9uPDPWcxtADbwK9SnWIdV9bypk7AFbujfwwYfWXFB88A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82dfe4f83c0d568e-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/data/avatars/s/79/79271.jpg?1529195729

104.21.71.43

200 OK

1.4 kB

URL GET HTTP/3
www.teamos.xyz/data/avatars/s/79/79271.jpg?1529195729
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint48:6D:36:CD:4D:44:01:AF:5A:8A:73:DA:A7:0E:57:D2:3A:0E:FB:D7
ValidityTue, 24 Oct 2023 05:19:22 GMT - Mon, 22 Jan 2024 05:19:21 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 48x48, components 3\012- data
Size
1.4 kB (1425 bytes)
Hash
9c23170badab3b7b02e9e8c6f6d8f734
1ab12cf0526432e38a4188a328752662055e7d08
79717af98e23ff9b4c974bee0e91a8c0bc73e1b42ebe2c8e61846410807b0c22

HTTP Headers

GET /data/avatars/s/79/79271.jpg?1529195729 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=O9q5d51Dzrmu-HAD; xf_session=yhF2XBf4F3bPLuUJcpp_JdaQe3i7TiM0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 03:09:55 GMT
content-type: image/jpeg
content-length: 1425
last-modified: Sat, 04 May 2019 23:44:59 GMT
etag: "5cce23fb-591"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4247
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vwqwgJHi6zrgdlbjBzaes%2BGbpkyswj6BAUyCPEcSMUqkBTYWmQx%2FScSGTtYsiyMjVFinZGkWqphsKu8V6cktF6WF37W4%2BOC2iGdEiq4q0z0cLTRLXSil%2FKd5IPat%2B0RFuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82dfe4f83c0e568e-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/data/avatars/s/128/128632.jpg?1700884021

104.21.71.43

200 OK

4.3 kB

URL GET HTTP/3
www.teamos.xyz/data/avatars/s/128/128632.jpg?1700884021
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint48:6D:36:CD:4D:44:01:AF:5A:8A:73:DA:A7:0E:57:D2:3A:0E:FB:D7
ValidityTue, 24 Oct 2023 05:19:22 GMT - Mon, 22 Jan 2024 05:19:21 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
4.3 kB (4287 bytes)
Hash
75a59ee6f5a7b2fdb544b33e63e35d69
da90734533724ee187ebb6d19d3078f1d71c435a
176d1166b0879195804fc2cb3ef6b08eaafdf32dfc71bbe2a4ab615fd16e25b0

HTTP Headers

GET /data/avatars/s/128/128632.jpg?1700884021 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=O9q5d51Dzrmu-HAD; xf_session=yhF2XBf4F3bPLuUJcpp_JdaQe3i7TiM0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 03:09:55 GMT
content-type: image/jpeg
content-length: 4287
last-modified: Sat, 25 Nov 2023 03:47:01 GMT
etag: "65616e35-10bf"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4247
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jDkV%2Bm8jOzDUK6saPvY8G98C1%2FhKyX2Fjyex%2BrFVKNvnZWPRs1YOuQmUWW4gxwv9lW308oYs1EKoGDl%2Fcx7Vjmg5dbOizq9cERK%2B3JX7mQLXeWY6hAwk6gIo44ks%2BJ952w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82dfe4f83c0f568e-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/data/avatars/s/89/89752.jpg?1689924988

104.21.71.43

200 OK

859 B

URL GET HTTP/3
www.teamos.xyz/data/avatars/s/89/89752.jpg?1689924988
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint48:6D:36:CD:4D:44:01:AF:5A:8A:73:DA:A7:0E:57:D2:3A:0E:FB:D7
ValidityTue, 24 Oct 2023 05:19:22 GMT - Mon, 22 Jan 2024 05:19:21 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 48x48, components 1\012- data
Size
859 B (859 bytes)
Hash
954a3ec36d7e891f74e436bee4ee6194
8262c96c2d7ec9e2eb6a221d89cb8781bb1c72a1
1a9cdf53b492bc93052d777cd4ddd72a4f7a829b247bd7a1bce5a414c0e177f8

HTTP Headers

GET /data/avatars/s/89/89752.jpg?1689924988 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=O9q5d51Dzrmu-HAD; xf_session=yhF2XBf4F3bPLuUJcpp_JdaQe3i7TiM0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 03:09:55 GMT
content-type: image/jpeg
content-length: 859
last-modified: Fri, 21 Jul 2023 07:36:28 GMT
etag: "64ba357c-35b"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4247
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GAWYfc461rGkPNih8PlrS0PxX0diDMlepeYz2puLXQ5WFh3HUM3a6ipUuxGraC7nbM%2BAIVJWimx5m06GZZVfQuxMQ8qAEY93R1Y7vzo%2FNw2Ej%2FEUIgAQHfl3ggnSyO7lKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82dfe4f83c13568e-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/data/avatars/s/122/122998.jpg?1626410486

104.21.71.43

200 OK

1.3 kB

URL GET HTTP/3
www.teamos.xyz/data/avatars/s/122/122998.jpg?1626410486
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint48:6D:36:CD:4D:44:01:AF:5A:8A:73:DA:A7:0E:57:D2:3A:0E:FB:D7
ValidityTue, 24 Oct 2023 05:19:22 GMT - Mon, 22 Jan 2024 05:19:21 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 48x48, components 3\012- data
Size
1.3 kB (1263 bytes)
Hash
d166797572f060c70ad49c527e80cde0
353c8a0a39f6d770c70258461566beb248db2aad
b44f07f7b90f3c0e3cd2dad4855d9ae18c00de1ef4e8acb6516b17e5ceef9e96

HTTP Headers

GET /data/avatars/s/122/122998.jpg?1626410486 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=O9q5d51Dzrmu-HAD; xf_session=yhF2XBf4F3bPLuUJcpp_JdaQe3i7TiM0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 03:09:55 GMT
content-type: image/jpeg
content-length: 1263
last-modified: Fri, 16 Jul 2021 04:41:26 GMT
etag: "60f10df6-4ef"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1215
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bz9UuC5SyYp0EelBRidKZJxE1UOIggr%2FcIml72QWzXoW2l0Pul31XzsIuOE0BamQPXElnFXd%2BvgYgDZZc2uEirpWUDHG9mKv46apkDZjwIj3CA9Wl%2Bz2six29NgY8L4X5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82dfe4f83c14568e-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/js/xf/preamble.min.js?_v=eb121d40

104.21.71.43

200 OK

2.1 kB

URL GET HTTP/3
www.teamos.xyz/js/xf/preamble.min.js?_v=eb121d40
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint48:6D:36:CD:4D:44:01:AF:5A:8A:73:DA:A7:0E:57:D2:3A:0E:FB:D7
ValidityTue, 24 Oct 2023 05:19:22 GMT - Mon, 22 Jan 2024 05:19:21 GMT

File type
ASCII text, with very long lines (546)
Size
2.1 kB (2074 bytes)
Hash
57c077607d1b4ba5bfeac6740d6e9576
8ce714d869d8f3b46eb3a7c7689920e1a85b0808
c803ce6d437915781a624a97755010f88deffd73bcf1a8e40fe98fc2d0e1ca3d

HTTP Headers

GET /js/xf/preamble.min.js?_v=eb121d40 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=O9q5d51Dzrmu-HAD; xf_session=yhF2XBf4F3bPLuUJcpp_JdaQe3i7TiM0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 03:09:55 GMT
content-type: application/javascript
last-modified: Thu, 08 Dec 2022 23:00:00 GMT
vary: Accept-Encoding
etag: W/"63926c70-d33"
expires: Tue, 05 Dec 2023 08:25:42 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 69123
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9kDvYLxa7MAIXGBDamdTeyfzgOcRfbcvepVG%2FC6MBsaPpcOkfFnLHB8nS%2FwM%2BU%2FNq0uYAJemyuEJE1GakSN%2ByaWgQjia0fz5Mthl4XbpoN3H0M7X2Azg1J6COKGXUxNp%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82dfe4f6fbca568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/data/assets/logo/TeamOS.png

104.21.71.43

200 OK

21 kB

URL GET HTTP/3
www.teamos.xyz/data/assets/logo/TeamOS.png
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint48:6D:36:CD:4D:44:01:AF:5A:8A:73:DA:A7:0E:57:D2:3A:0E:FB:D7
ValidityTue, 24 Oct 2023 05:19:22 GMT - Mon, 22 Jan 2024 05:19:21 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
21 kB (20927 bytes)
Hash
86270c1741a9db8f95b7d6fdef2c62b4
17a3a90ec7e9d33dd84a77509446bf64d73d2e9e
83c1feff94030b6ddf0e2105ef24f444520c4e0fe3a0e6bf618eced3d2725bd2

HTTP Headers

GET /data/assets/logo/TeamOS.png HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=O9q5d51Dzrmu-HAD; xf_session=yhF2XBf4F3bPLuUJcpp_JdaQe3i7TiM0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 03:09:56 GMT
content-type: image/png
content-length: 20927
last-modified: Fri, 14 May 2021 15:05:04 GMT
etag: "609e91a0-51bf"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1216
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxL3o53lKFyDaLMwQ1N14rBiQ5rvCDjMSZqh79q23mX%2FnEIbBw3iBrsNgw1B%2BQrQTdswgrfKR0BEYu3MyRFz%2F2J6tb5we1di%2B0nYTevAQKWLp6sAaPS8tTEun1LPWFYgyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82dfe4f9dc68568e-OSL
alt-svc: h3=":443"; ma=86400

instrumenttactics.com/7326f362b41f2b6bdb387bd9014ae95b/invoke.js

192.243.59.12

200 OK

9.3 kB

URL GET HTTP/1.1
instrumenttactics.com/7326f362b41f2b6bdb387bd9014ae95b/invoke.js
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectinstrumenttactics.com
Fingerprint35:9B:C5:C6:63:2C:DA:1E:F6:69:25:A2:19:D2:A3:FD:2A:DE:42:93
ValidityWed, 15 Nov 2023 06:53:36 GMT - Tue, 13 Feb 2024 06:53:35 GMT

File type
Unicode text, UTF-8 text, with very long lines (25099), with no line terminators
Size
9.3 kB (9278 bytes)
Hash
be0d299b5fdf5980b39919272a1d887e
bd40460575f4bcfd014a2171a89606f0f5a3e3df
b30059eda9d4cf7700eadd796c355e65c59b5c180e48d41b1f2dc834988b0716

HTTP Headers

GET /7326f362b41f2b6bdb387bd9014ae95b/invoke.js HTTP/1.1
Host: instrumenttactics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 30 Nov 2023 03:09:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 88ecfbffea86c010bc7db6598a8f28e7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

instrumenttactics.com/a1/e8/91/a1e8916f3df739635783bc00fa07bfe6.js

192.243.59.12

200 OK

23 kB

URL GET HTTP/1.1
instrumenttactics.com/a1/e8/91/a1e8916f3df739635783bc00fa07bfe6.js
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectinstrumenttactics.com
Fingerprint35:9B:C5:C6:63:2C:DA:1E:F6:69:25:A2:19:D2:A3:FD:2A:DE:42:93
ValidityWed, 15 Nov 2023 06:53:36 GMT - Tue, 13 Feb 2024 06:53:35 GMT

File type
ASCII text, with very long lines (59705), with no line terminators
Size
23 kB (23342 bytes)
Hash
e6b9a0bda96e19bf447512379be8c5ca
e02e47d1382e96e287d4c87a5282e9a96429a13a
2fc70a28dd4779a7b758ec4d194479ba01486bbfe996c686dc4e25059190f4e6

HTTP Headers

GET /a1/e8/91/a1e8916f3df739635783bc00fa07bfe6.js HTTP/1.1
Host: instrumenttactics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 30 Nov 2023 03:09:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 28241282becb9f1960e9486a1bcab4af
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
5f98417c5efbc404cdc6e1eddca05845
123fef79582954e02a5acbd4b65e5c8c5ba14397
7e4f8947cb87eff6976f88fd49a323f00ec79211df4f468d9c622c91c42de0d1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 30 Nov 2023 03:09:56 GMT
Last-Modified: Thu, 30 Nov 2023 02:19:33 GMT
Server: ECAcc (ska/F775)
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bJSVn0gDJ9NJmeJBYh71S2mfn3npgg-ao_2qHVMMFX2tQlsIj2uoOQ==
Age: 3023

proftrafficcounter.com/stats

35.157.159.40

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
35.157.159.40:443
ASN
#16509 AMAZON-02

Requested by
https://www.teamos.xyz/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
b95a1adf6c96e2998637d32146cb468a
8f61f0fb2855cd4f222b0b2ca8bf6f0ef5d27a56
41cc000284a44fd7970323258a734af7589da5acdb6715e5a75da8ab98e737b9

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 03:09:56 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.teamos.xyz
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=18bda3d2-6be8-49a2-850d-856f7d33cb69:1:1; expires=Sun, 27 Nov 2033 03:09:56 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-ZMK4J7B2XT&l=dataLayer&cx=c

216.58.211.8

200 OK

81 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-ZMK4J7B2XT&l=dataLayer&cx=c
IP
216.58.211.8:443
ASN
#15169 GOOGLE

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (5955)
Size
81 kB (80934 bytes)
Hash
7fce082d095f9570be54b13303bba88a
bc32520c32348babdeba5adcd883c540abca87d2
9cc77b5a21dc2c832e9f71a241fa9e58b7d42fd637e2e79df6df7dbdf5c50f58

HTTP Headers

GET /gtag/js?id=G-ZMK4J7B2XT&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 30 Nov 2023 03:09:56 GMT
expires: Thu, 30 Nov 2023 03:09:56 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80934
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.googleapis.com/css?family=Open+Sans:400,700

142.250.74.106

200 OK

713 B

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
gzip compressed data, max compression\012- data
Size
713 B (713 bytes)
Hash
38a21748563d0925e0ace3c523af9899
90652a20e2952ecff93f82732eb83492d5aa26ff
12c6873492af82e72c1c5cd3a1faee7cc553849d4ca290836acaae18fb74b3df

HTTP Headers

GET /css?family=Open+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 30 Nov 2023 03:09:55 GMT
date: Thu, 30 Nov 2023 03:09:55 GMT
cache-control: private, max-age=86400
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

instrumenttactics.com/ae333e82cfaead9ba22e64954c139352/invoke.js

192.243.59.12

200 OK

11 kB

URL GET HTTP/1.1
instrumenttactics.com/ae333e82cfaead9ba22e64954c139352/invoke.js
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectinstrumenttactics.com
Fingerprint35:9B:C5:C6:63:2C:DA:1E:F6:69:25:A2:19:D2:A3:FD:2A:DE:42:93
ValidityWed, 15 Nov 2023 06:53:36 GMT - Tue, 13 Feb 2024 06:53:35 GMT

File type
exported SGML document, ASCII text, with very long lines (29601), with no line terminators
Size
11 kB (10905 bytes)
Hash
887aa12faf1934b64571ef77225b3ca2
d3ce53473c934aae6d6afcbf42b2e6b5e2205e6a
7926a3996f43976898112ecb50687a0d30e6700ed961bd4f76ac3c8ddc2c88de

HTTP Headers

GET /ae333e82cfaead9ba22e64954c139352/invoke.js HTTP/1.1
Host: instrumenttactics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 30 Nov 2023 03:09:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: eb330467f6ce52e0c539187f3609aaee
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.teamos.xyz/favicon.ico

104.21.71.43

200 OK

49 kB

URL GET HTTP/3
www.teamos.xyz/favicon.ico
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint48:6D:36:CD:4D:44:01:AF:5A:8A:73:DA:A7:0E:57:D2:3A:0E:FB:D7
ValidityTue, 24 Oct 2023 05:19:22 GMT - Mon, 22 Jan 2024 05:19:21 GMT

File type
MS Windows icon resource - 9 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel\012- data
Size
49 kB (48851 bytes)
Hash
6d9396dc55f2e528b53aa081b562f91f
aba25e72d54c60252f233a4bcf2c5773a11e6359
f2678bc111d1e4768f668ea1d1d8bc086371b13f66688831fb7e5706f7d29638

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=O9q5d51Dzrmu-HAD; xf_session=yhF2XBf4F3bPLuUJcpp_JdaQe3i7TiM0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 03:09:56 GMT
content-type: image/x-icon
last-modified: Sun, 05 May 2019 15:07:05 GMT
vary: Accept-Encoding
etag: W/"5ccefc19-2c0ac"
expires: Sat, 09 Dec 2023 07:51:18 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 426491
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TqUqnPCF3fquiTbj8B1d3cka%2FguGHc92t3FVI5CF4Wg1FBcgT0QLO1rxdvx0Tdn%2FQj66Jg%2FAz2%2B%2Fc8MfwkDHTH24%2BGbgRarCmJg1Ihd%2BgaxNXqZvkfPR%2FPb%2BvGJ1Q8irKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82dfe4f9dc69568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

192.243.59.12

307 Temporary Redirect

0 B

URL GET HTTP/1.1
demeanourgrade.com/watch.215763291696.js?key=ae333e82cfaead9ba22e64954c139352&kw=%5B%22team%22%2C%22os%22%2C%22your%22%2C%22only%22%2C%22destination%22%2C%22to%22%2C%22custom%22%2C%22os%22%5D&refer=https%3A%2F%2Fwww.teamos.xyz%2F&tz=0&dev=e&res=14.3095&uuid=3aab320c-c6ef-4893-993c-4c8930c4de9b%3A3%3A1
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectdemeanourgrade.com
Fingerprint97:79:AD:04:07:B5:1D:6E:8E:6A:A1:80:DC:F7:25:95:76:09:45:F1
ValidityTue, 28 Nov 2023 08:07:04 GMT - Mon, 26 Feb 2024 08:07:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.215763291696.js?key=ae333e82cfaead9ba22e64954c139352&kw=%5B%22team%22%2C%22os%22%2C%22your%22%2C%22only%22%2C%22destination%22%2C%22to%22%2C%22custom%22%2C%22os%22%5D&refer=https%3A%2F%2Fwww.teamos.xyz%2F&tz=0&dev=e&res=14.3095&uuid=3aab320c-c6ef-4893-993c-4c8930c4de9b%3A3%3A1 HTTP/1.1
Host: demeanourgrade.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Thu, 30 Nov 2023 03:09:57 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.teamos.xyz
Access-Control-Allow-Origin: https://www.teamos.xyz
Access-Control-Allow-Credentials: true
Location: https://demeanourgrade.com/watch.215763291696.js?key=ae333e82cfaead9ba22e64954c139352&kw=%5B%22team%22%2C%22os%22%2C%22your%22%2C%22only%22%2C%22destination%22%2C%22to%22%2C%22custom%22%2C%22os%22%5D&refer=https%3A%2F%2Fwww.teamos.xyz%2F&tz=0&dev=e&res=14.3095&uuid=3aab320c-c6ef-4893-993c-4c8930c4de9b%3A3%3A1&shu=9bda46ade7266d8b45e451e0e194e13f8d83093a828d3d20e5554a59ca9cadd8eee3198de87007b2116738823faeec71f12bac91e6e3db4f41a0977a64af296baacab00408cac2d1a12c366878283c8cdc4e5678968c1d63e505b0b0cc0da3&pst=1701313857&rmtc=t
Set-Cookie: u_pl=17155452; expires=Fri, 01 Dec 2023 03:09:57 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzE1NTQ1MiwiayI6ImFlMzMzZTgyY2ZhZWFkOWJhMjJlNjQ5NTRjMTM5MzUyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODMyNTYxLCJwaWQiOjM4NzE4NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOCwiYWlkIjoyMywicHQiOjQsInBrIjoiYXM3MnhuaXRqIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnRlYW1vcy54eXovIn19.wAMuGFnSHXkTRhpSJprA2v9VQGW3b-KgRAX_nCr9jcw; expires=Thu, 30 Nov 2023 03:10:57 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8b4df61ec71945058b2dc8e31e7cf315
Strict-Transport-Security: max-age=0; includeSubdomains

perspirationfraction.com/ntv.json?key=7326f362b41f2b6bdb387bd9014ae95b&vstc=4

192.243.59.20

200 OK

17 kB

URL GET HTTP/1.1
perspirationfraction.com/ntv.json?key=7326f362b41f2b6bdb387bd9014ae95b&vstc=4
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectperspirationfraction.com
Fingerprint19:0B:C2:9B:C0:F1:37:D8:50:FE:2E:3D:11:E0:69:E9:1B:96:38:F8
ValidityTue, 28 Nov 2023 08:02:25 GMT - Mon, 26 Feb 2024 08:02:24 GMT

File type
JSON data\012- , ASCII text, with very long lines (16735), with no line terminators
Size
17 kB (16735 bytes)
Hash
63ef155023a534ebd12cfb348fd2a447
140e6c03537b79c288fed05d4a28075f22446d0b
e17040d1f79b69365d13c4e73132291be63b126a85f9f9a8f9dbd635781faced

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ntv.json?key=7326f362b41f2b6bdb387bd9014ae95b&vstc=4 HTTP/1.1
Host: perspirationfraction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 30 Nov 2023 03:09:57 GMT
Content-Type: application/json
Content-Length: 16735
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.teamos.xyz
Access-Control-Allow-Origin: https://www.teamos.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17773605; expires=Fri, 01 Dec 2023 03:09:57 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 01 Dec 2023 03:09:57 GMT; secure; SameSite=None
uncs=1; expires=Fri, 01 Dec 2023 03:09:57 GMT; secure; SameSite=None
pdhtkv49=true; expires=Fri, 01 Dec 2023 03:09:57 GMT; secure; SameSite=None
uncs49=1; expires=Fri, 01 Dec 2023 03:09:57 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e295e8cadafb76a214889824937877b0
Strict-Transport-Security: max-age=0; includeSubdomains

perspirationfraction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSuXmY96EEMIoiXQXBRWCbd85txBTGukWBMYnYl56qu6kmZ6q62qnt6MqfgguxxBMGfU%2BebZIProu7Fm6ATL8uKkD4oORiv3oWwF0F6dmD0QdV73%2Fvq8H3v1ccH6TlxkdKzzXf1UCpFF1s1t%2Frytoy4zmx1%2FWbVc2vuteq2jNrNa9VBeZn%2Bq57bqrmvVN8W%2Fq5erLue63quV12RRgR6sDhlIeN7Xa%2FWdWvNes1rNTEw%2F8c2dWCpA94%2FJwuQvLi88%2BA%2BpD9BFH53XdjdRMdX3wpTRRNt0OfH70e7kc4ihPMyMA6C6Hj2GtoWhHx%2BCTo6njmA7h%2BWDsBkQZzfPbDoeCYTrH%2F0WClTEBEYfwpZfwKhJpB0Al%2FfguSnBPA51jcQhXfWtcno3mOWlmxBKhd%2FQ2YFqfzxLKLwm2UlB9UbWqWJ1JHFIMghBxPI3gRxeoJk6EBmJ%2FCTjyD5r2TxYg1ReLhhlYbk%2BdS9lBPIYAIlRqDWQVoe6SANHKSxg5CfVWmrG7huJ2BBo7HU9H2%2F0fD91lKbt3ijuRS4SP1S3ghJPIKvRvDNPmKzj135yWlrASb9EXYnh%2BUObFIQ57199HmOTBBkliCjBJkkyBKCrJ8fcWXrNr%2FDlU2ZN8v1WW7kY530DuiRTnoiIgfxOXmmHI3zdPMl7IqzaqdRbweNdp01vaDO2oyzxlKH8a7rNanothiszCHtpanboSzICxcfIpYFufxXDEZPYNUJfLkAmnqg2bhTd0F3xs0lF8PobiJoqG1tsDcE1znipIJkzzlQ5%2BT56YKutr%2BF8B%2BSWcA3OWKT4wP5M0FP3R5v6YwcbunMkvsbcSJDOaTl8m4kNBFP3H1H7GXa8NXrdvTVG35JlOW9m8ImazTiMupZ8vWy5FyYFW18QX5YtduCbaZ2Zzk1URqvbb65shrGRlgrdTQBlacbj%2BCX9h69OP2Wz201Ic0EJs0RpnOlUk%2Fgx%2Fuw8bxnNYFRc8xiB1maj02dzZtKEigxx5TlsP%2FBbF4f2NvomQpocgtRmKNvcvRVDqpGsOmT4yQ2D19%2F8EUZX4KpypgpUzlkyqhPp6MtyJWfPivIle9%2FK8hrf%2F4CK8%2BqohW4gXDrggVdFnSoy7tBs8to1xMd1qIeEluI3j%2BX%2FwUAAP%2F%2FAQAA%2F%2F%2FqtBTufQQAAA%3D%3D

192.243.59.20

200 OK

7 B

URL GET HTTP/1.1
perspirationfraction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSuXmY96EEMIoiXQXBRWCbd85txBTGukWBMYnYl56qu6kmZ6q62qnt6MqfgguxxBMGfU%2BebZIProu7Fm6ATL8uKkD4oORiv3oWwF0F6dmD0QdV73%2Fvq8H3v1ccH6TlxkdKzzXf1UCpFF1s1t%2Frytoy4zmx1%2FWbVc2vuteq2jNrNa9VBeZn%2Bq57bqrmvVN8W%2Fq5erLue63quV12RRgR6sDhlIeN7Xa%2FWdWvNes1rNTEw%2F8c2dWCpA94%2FJwuQvLi88%2BA%2BpD9BFH53XdjdRMdX3wpTRRNt0OfH70e7kc4ihPMyMA6C6Hj2GtoWhHx%2BCTo6njmA7h%2BWDsBkQZzfPbDoeCYTrH%2F0WClTEBEYfwpZfwKhJpB0Al%2FfguSnBPA51jcQhXfWtcno3mOWlmxBKhd%2FQ2YFqfzxLKLwm2UlB9UbWqWJ1JHFIMghBxPI3gRxeoJk6EBmJ%2FCTjyD5r2TxYg1ReLhhlYbk%2BdS9lBPIYAIlRqDWQVoe6SANHKSxg5CfVWmrG7huJ2BBo7HU9H2%2F0fD91lKbt3ijuRS4SP1S3ghJPIKvRvDNPmKzj135yWlrASb9EXYnh%2BUObFIQ57199HmOTBBkliCjBJkkyBKCrJ8fcWXrNr%2FDlU2ZN8v1WW7kY530DuiRTnoiIgfxOXmmHI3zdPMl7IqzaqdRbweNdp01vaDO2oyzxlKH8a7rNanothiszCHtpanboSzICxcfIpYFufxXDEZPYNUJfLkAmnqg2bhTd0F3xs0lF8PobiJoqG1tsDcE1znipIJkzzlQ5%2BT56YKutr%2BF8B%2BSWcA3OWKT4wP5M0FP3R5v6YwcbunMkvsbcSJDOaTl8m4kNBFP3H1H7GXa8NXrdvTVG35JlOW9m8ImazTiMupZ8vWy5FyYFW18QX5YtduCbaZ2Zzk1URqvbb65shrGRlgrdTQBlacbj%2BCX9h69OP2Wz201Ic0EJs0RpnOlUk%2Fgx%2Fuw8bxnNYFRc8xiB1maj02dzZtKEigxx5TlsP%2FBbF4f2NvomQpocgtRmKNvcvRVDqpGsOmT4yQ2D19%2F8EUZX4KpypgpUzlkyqhPp6MtyJWfPivIle9%2FK8hrf%2F4CK8%2BqohW4gXDrggVdFnSoy7tBs8to1xMd1qIeEluI3j%2BX%2FwUAAP%2F%2FAQAA%2F%2F%2FqtBTufQQAAA%3D%3D
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectperspirationfraction.com
Fingerprint19:0B:C2:9B:C0:F1:37:D8:50:FE:2E:3D:11:E0:69:E9:1B:96:38:F8
ValidityTue, 28 Nov 2023 08:02:25 GMT - Mon, 26 Feb 2024 08:02:24 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSuXmY96EEMIoiXQXBRWCbd85txBTGukWBMYnYl56qu6kmZ6q62qnt6MqfgguxxBMGfU%2BebZIProu7Fm6ATL8uKkD4oORiv3oWwF0F6dmD0QdV73%2Fvq8H3v1ccH6TlxkdKzzXf1UCpFF1s1t%2Frytoy4zmx1%2FWbVc2vuteq2jNrNa9VBeZn%2Bq57bqrmvVN8W%2Fq5erLue63quV12RRgR6sDhlIeN7Xa%2FWdWvNes1rNTEw%2F8c2dWCpA94%2FJwuQvLi88%2BA%2BpD9BFH53XdjdRMdX3wpTRRNt0OfH70e7kc4ihPMyMA6C6Hj2GtoWhHx%2BCTo6njmA7h%2BWDsBkQZzfPbDoeCYTrH%2F0WClTEBEYfwpZfwKhJpB0Al%2FfguSnBPA51jcQhXfWtcno3mOWlmxBKhd%2FQ2YFqfzxLKLwm2UlB9UbWqWJ1JHFIMghBxPI3gRxeoJk6EBmJ%2FCTjyD5r2TxYg1ReLhhlYbk%2BdS9lBPIYAIlRqDWQVoe6SANHKSxg5CfVWmrG7huJ2BBo7HU9H2%2F0fD91lKbt3ijuRS4SP1S3ghJPIKvRvDNPmKzj135yWlrASb9EXYnh%2BUObFIQ57199HmOTBBkliCjBJkkyBKCrJ8fcWXrNr%2FDlU2ZN8v1WW7kY530DuiRTnoiIgfxOXmmHI3zdPMl7IqzaqdRbweNdp01vaDO2oyzxlKH8a7rNanothiszCHtpanboSzICxcfIpYFufxXDEZPYNUJfLkAmnqg2bhTd0F3xs0lF8PobiJoqG1tsDcE1znipIJkzzlQ5%2BT56YKutr%2BF8B%2BSWcA3OWKT4wP5M0FP3R5v6YwcbunMkvsbcSJDOaTl8m4kNBFP3H1H7GXa8NXrdvTVG35JlOW9m8ImazTiMupZ8vWy5FyYFW18QX5YtduCbaZ2Zzk1URqvbb65shrGRlgrdTQBlacbj%2BCX9h69OP2Wz201Ic0EJs0RpnOlUk%2Fgx%2Fuw8bxnNYFRc8xiB1maj02dzZtKEigxx5TlsP%2FBbF4f2NvomQpocgtRmKNvcvRVDqpGsOmT4yQ2D19%2F8EUZX4KpypgpUzlkyqhPp6MtyJWfPivIle9%2FK8hrf%2F4CK8%2BqohW4gXDrggVdFnSoy7tBs8to1xMd1qIeEluI3j%2BX%2FwUAAP%2F%2FAQAA%2F%2F%2FqtBTufQQAAA%3D%3D HTTP/1.1
Host: perspirationfraction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: u_pl=17773605; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 30 Nov 2023 03:09:57 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9927804fab54c6dff6c5293a7f73be72
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.cloudimagesb.com/cti/b4/6d/0e/b46d0e46cf213661b4798ed35e81643c/1627974582.jpg

45.133.44.9

200 OK

16 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/b4/6d/0e/b46d0e46cf213661b4798ed35e81643c/1627974582.jpg
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Size
16 kB (15967 bytes)
Hash
18824639d2c05601023e0c65c9254198
e3f92d3067c69e5d4ccf93b24b748b09f3302d98
804d0b21ee4a862f7b6417b643ffdbc5588f5c366eaac4ec7962a82bb9e38879

HTTP Headers

GET /cti/b4/6d/0e/b46d0e46cf213661b4798ed35e81643c/1627974582.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 03:09:57 GMT
content-type: image/jpeg
content-length: 15967
server: nginx/1.21.6
last-modified: Tue, 03 Aug 2021 07:09:50 GMT
etag: "6108ebbe-3e5f"
expires: Sat, 02 Dec 2023 03:09:57 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/e8/16/fb/e816fbb8b8b55c21ed4139466c6bca03/1675417831.jpeg

45.133.44.9

200 OK

32 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/e8/16/fb/e816fbb8b8b55c21ed4139466c6bca03/1675417831.jpeg
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Size
32 kB (32522 bytes)
Hash
b6204e2fecc1394ab096b0cb5c713329
9efbcb902cf965d2ecd61780ca46dd616a5b4f6e
11d07a2a74166992bd1116ac69d0230818d534fdbd02de96c811f294b1d28b42

HTTP Headers

GET /cti/e8/16/fb/e816fbb8b8b55c21ed4139466c6bca03/1675417831.jpeg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 03:09:57 GMT
content-type: image/jpeg
content-length: 32522
server: nginx/1.21.6
last-modified: Fri, 03 Feb 2023 09:50:39 GMT
etag: "63dcd8ef-7f0a"
expires: Sat, 02 Dec 2023 03:09:57 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/da/23/da/da23dacb6b0a1e4010839a07ed3d5ec8/1606977837.jpeg

45.133.44.9

200 OK

32 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/da/23/da/da23dacb6b0a1e4010839a07ed3d5ec8/1606977837.jpeg
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Size
32 kB (31722 bytes)
Hash
d75e2cd92289db781a91a6f13b9a6bd7
b39b549b647fa8d204af1e14ad498cc6540ab564
6a9f314429a5ec52da36f7f6a6a0a44e7f55727d502473f1a7f4f748ff318adb

HTTP Headers

GET /cti/da/23/da/da23dacb6b0a1e4010839a07ed3d5ec8/1606977837.jpeg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 03:09:57 GMT
content-type: image/jpeg
content-length: 31722
server: nginx/1.21.6
last-modified: Thu, 03 Dec 2020 06:44:05 GMT
etag: "5fc88935-7bea"
expires: Sat, 02 Dec 2023 03:09:57 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

perspirationfraction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSuXmc96EGMXsTLXHZRWCbd85txBTGukWBM4u5KzlVd1ZMy1V1tVff0ZE7BBdnjKII%2Fp843yQbXRd2LN0EnXpYVIX1QcjBevQvBg4L07MDog6r3vvfV4fveqw%2F20zPiIqWnm2%2FpoVSKLrZqbvWFLRlxndnq%2Bs2q59bcq9UtGbWbV6uD8jL9lzy3VXNfrL4h%2FB29WHc91%2FVcr7oijQj0YHHKQsb3ul6t69aa9ZrXamJg%2Fo9t6sBSB7x%2FRhYgeXFx%2B8F9SH%2BCKPzmmrA7iY6vvB6miibaoM%2BP3ol2Ip1FCOdlYBwE0dHsNbQtCPn0AnR0NHMA3T8oHYDJgji%2FemDR0UwmWP%2FwkVKmICIw%2FiSy%2FgRCTSDpBL6%2BBclPCOBzrG8gCu%2Bsa5PR3UcsLdmCVM7%2FhMwKUvntWUThV8tKDqo3tEoTqSOLQZBDDiaQvQni9BjJ0IHMjuEn70Pyn8ni%2BRqi8GDDKg3J86l7KSeQwQRKjECtg7Q80kEaOEhjByE%2FrdJWN3DdTsCCRmOp6ft%2Bo%2BH7raU2b%2FFGcylwkfqlvBGSeARfjeCbPcRmDzvyw5PWAkz6Pex2Dssd2KQgztt76PMcmSDILEFGCTJJkCUEWT8%2F5MrWbX6HK5syb5brs9zIxzrp7dNDnfRERPbjM%2FJ0ORrnqeYl7IjTaqdRbweNdp01vaDO2oyzxlKH8a7rNanothiszCHthanboSzI8%2BfvIZYFufhHDEaPYdUxfLkAmnqg2bhTd0G3x80lF8PobiJoqG1tsDsE1znipIJk19lXZ%2BS56YIuf%2FsLhP%2BQzAK%2ByRGbHO%2FKHwl66vb4us7IwXWdWXJ%2FI05kKIe0XN6NhCbi8btvit1MG756zY6%2BeNUvibK8d1PYZI1GXEY9S75clpwLs6KNL8h3q3ZLsM3Ubi%2BnJkrjtc3XVlbD2AhrpY4moPJk4y%2F4pb2%2FP5p%2By2c2LkGaCUyaI0znSqWewI%2F3YON5z2oCo%2BaYxY8hS%2FOxqbN5U0kCJeaYshz2P5jN6317Gz1TAU1uIQpz9E2OvspB1Qg2fWKcxObhKw8%2BK%2BNzMFUZM2UqB0wZ9XFBrrS%2FLsjlHz6ZDrkgL%2F%2F%2BE6w8rYpW4AbCrQsWdFnQoS7vBs0uo11PdFiLekhsIXr%2FXPwXAAD%2F%2FwEAAP%2F%2FIFmfpH0EAAA%3D

192.243.59.20

200 OK

7 B

URL GET HTTP/1.1
perspirationfraction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSuXmc96EGMXsTLXHZRWCbd85txBTGukWBM4u5KzlVd1ZMy1V1tVff0ZE7BBdnjKII%2Fp843yQbXRd2LN0EnXpYVIX1QcjBevQvBg4L07MDog6r3vvfV4fveqw%2F20zPiIqWnm2%2FpoVSKLrZqbvWFLRlxndnq%2Bs2q59bcq9UtGbWbV6uD8jL9lzy3VXNfrL4h%2FB29WHc91%2FVcr7oijQj0YHHKQsb3ul6t69aa9ZrXamJg%2Fo9t6sBSB7x%2FRhYgeXFx%2B8F9SH%2BCKPzmmrA7iY6vvB6miibaoM%2BP3ol2Ip1FCOdlYBwE0dHsNbQtCPn0AnR0NHMA3T8oHYDJgji%2FemDR0UwmWP%2FwkVKmICIw%2FiSy%2FgRCTSDpBL6%2BBclPCOBzrG8gCu%2Bsa5PR3UcsLdmCVM7%2FhMwKUvntWUThV8tKDqo3tEoTqSOLQZBDDiaQvQni9BjJ0IHMjuEn70Pyn8ni%2BRqi8GDDKg3J86l7KSeQwQRKjECtg7Q80kEaOEhjByE%2FrdJWN3DdTsCCRmOp6ft%2Bo%2BH7raU2b%2FFGcylwkfqlvBGSeARfjeCbPcRmDzvyw5PWAkz6Pex2Dssd2KQgztt76PMcmSDILEFGCTJJkCUEWT8%2F5MrWbX6HK5syb5brs9zIxzrp7dNDnfRERPbjM%2FJ0ORrnqeYl7IjTaqdRbweNdp01vaDO2oyzxlKH8a7rNanothiszCHthanboSzI8%2BfvIZYFufhHDEaPYdUxfLkAmnqg2bhTd0G3x80lF8PobiJoqG1tsDsE1znipIJk19lXZ%2BS56YIuf%2FsLhP%2BQzAK%2ByRGbHO%2FKHwl66vb4us7IwXWdWXJ%2FI05kKIe0XN6NhCbi8btvit1MG756zY6%2BeNUvibK8d1PYZI1GXEY9S75clpwLs6KNL8h3q3ZLsM3Ubi%2BnJkrjtc3XVlbD2AhrpY4moPJk4y%2F4pb2%2FP5p%2By2c2LkGaCUyaI0znSqWewI%2F3YON5z2oCo%2BaYxY8hS%2FOxqbN5U0kCJeaYshz2P5jN6317Gz1TAU1uIQpz9E2OvspB1Qg2fWKcxObhKw8%2BK%2BNzMFUZM2UqB0wZ9XFBrrS%2FLsjlHz6ZDrkgL%2F%2F%2BE6w8rYpW4AbCrQsWdFnQoS7vBs0uo11PdFiLekhsIXr%2FXPwXAAD%2F%2FwEAAP%2F%2FIFmfpH0EAAA%3D
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectperspirationfraction.com
Fingerprint19:0B:C2:9B:C0:F1:37:D8:50:FE:2E:3D:11:E0:69:E9:1B:96:38:F8
ValidityTue, 28 Nov 2023 08:02:25 GMT - Mon, 26 Feb 2024 08:02:24 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSuXmc96EGMXsTLXHZRWCbd85txBTGukWBM4u5KzlVd1ZMy1V1tVff0ZE7BBdnjKII%2Fp843yQbXRd2LN0EnXpYVIX1QcjBevQvBg4L07MDog6r3vvfV4fveqw%2F20zPiIqWnm2%2FpoVSKLrZqbvWFLRlxndnq%2Bs2q59bcq9UtGbWbV6uD8jL9lzy3VXNfrL4h%2FB29WHc91%2FVcr7oijQj0YHHKQsb3ul6t69aa9ZrXamJg%2Fo9t6sBSB7x%2FRhYgeXFx%2B8F9SH%2BCKPzmmrA7iY6vvB6miibaoM%2BP3ol2Ip1FCOdlYBwE0dHsNbQtCPn0AnR0NHMA3T8oHYDJgji%2FemDR0UwmWP%2FwkVKmICIw%2FiSy%2FgRCTSDpBL6%2BBclPCOBzrG8gCu%2Bsa5PR3UcsLdmCVM7%2FhMwKUvntWUThV8tKDqo3tEoTqSOLQZBDDiaQvQni9BjJ0IHMjuEn70Pyn8ni%2BRqi8GDDKg3J86l7KSeQwQRKjECtg7Q80kEaOEhjByE%2FrdJWN3DdTsCCRmOp6ft%2Bo%2BH7raU2b%2FFGcylwkfqlvBGSeARfjeCbPcRmDzvyw5PWAkz6Pex2Dssd2KQgztt76PMcmSDILEFGCTJJkCUEWT8%2F5MrWbX6HK5syb5brs9zIxzrp7dNDnfRERPbjM%2FJ0ORrnqeYl7IjTaqdRbweNdp01vaDO2oyzxlKH8a7rNanothiszCHthanboSzI8%2BfvIZYFufhHDEaPYdUxfLkAmnqg2bhTd0G3x80lF8PobiJoqG1tsDsE1znipIJk19lXZ%2BS56YIuf%2FsLhP%2BQzAK%2ByRGbHO%2FKHwl66vb4us7IwXWdWXJ%2FI05kKIe0XN6NhCbi8btvit1MG756zY6%2BeNUvibK8d1PYZI1GXEY9S75clpwLs6KNL8h3q3ZLsM3Ubi%2BnJkrjtc3XVlbD2AhrpY4moPJk4y%2F4pb2%2FP5p%2By2c2LkGaCUyaI0znSqWewI%2F3YON5z2oCo%2BaYxY8hS%2FOxqbN5U0kCJeaYshz2P5jN6317Gz1TAU1uIQpz9E2OvspB1Qg2fWKcxObhKw8%2BK%2BNzMFUZM2UqB0wZ9XFBrrS%2FLsjlHz6ZDrkgL%2F%2F%2BE6w8rYpW4AbCrQsWdFnQoS7vBs0uo11PdFiLekhsIXr%2FXPwXAAD%2F%2FwEAAP%2F%2FIFmfpH0EAAA%3D HTTP/1.1
Host: perspirationfraction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: u_pl=17773605; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 30 Nov 2023 03:09:57 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d278413bce448c25ca58bad849865973
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.cloudimagesb.com/cti/9d/f4/2f/9df42fffce83a72533205ab5c0ec687c/1607065015.jpg

45.133.44.9

200 OK

32 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/9d/f4/2f/9df42fffce83a72533205ab5c0ec687c/1607065015.jpg
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 321x240, components 3\012- data
Size
32 kB (31835 bytes)
Hash
811335099e655ee6f9b6877479759cb3
d2baadde90b0ec3f039bf8ef05443d03e948c323
86eaf49c87f6958a519e90b6b5b479ded7d00402613dabe822fa01ddc419233a

HTTP Headers

GET /cti/9d/f4/2f/9df42fffce83a72533205ab5c0ec687c/1607065015.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 03:09:57 GMT
content-type: image/jpeg
content-length: 31835
server: nginx/1.21.6
last-modified: Fri, 04 Dec 2020 06:57:04 GMT
etag: "5fc9ddc0-7c5b"
expires: Sat, 02 Dec 2023 03:09:57 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

demeanourgrade.com/watch.215763291696.js?key=ae333e82cfaead9ba22e64954c139352&kw=%5B%22team%22%2C%22os%22%2C%22your%22%2C%22only%22%2C%22destination%22%2C%22to%22%2C%22custom%22%2C%22os%22%5D&refer=https%3A%2F%2Fwww.teamos.xyz%2F&tz=0&dev=e&res=14.3095&uuid=3aab320c-c6ef-4893-993c-4c8930c4de9b%3A3%3A1&shu=9bda46ade7266d8b45e451e0e194e13f8d83093a828d3d20e5554a59ca9cadd8eee3198de87007b2116738823faeec71f12bac91e6e3db4f41a0977a64af296baacab00408cac2d1a12c366878283c8cdc4e5678968c1d63e505b0b0cc0da3&pst=1701313857&rmtc=t

192.243.59.12

200 OK

2.0 kB

URL GET HTTP/1.1
demeanourgrade.com/watch.215763291696.js?key=ae333e82cfaead9ba22e64954c139352&kw=%5B%22team%22%2C%22os%22%2C%22your%22%2C%22only%22%2C%22destination%22%2C%22to%22%2C%22custom%22%2C%22os%22%5D&refer=https%3A%2F%2Fwww.teamos.xyz%2F&tz=0&dev=e&res=14.3095&uuid=3aab320c-c6ef-4893-993c-4c8930c4de9b%3A3%3A1&shu=9bda46ade7266d8b45e451e0e194e13f8d83093a828d3d20e5554a59ca9cadd8eee3198de87007b2116738823faeec71f12bac91e6e3db4f41a0977a64af296baacab00408cac2d1a12c366878283c8cdc4e5678968c1d63e505b0b0cc0da3&pst=1701313857&rmtc=t
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectdemeanourgrade.com
Fingerprint97:79:AD:04:07:B5:1D:6E:8E:6A:A1:80:DC:F7:25:95:76:09:45:F1
ValidityTue, 28 Nov 2023 08:07:04 GMT - Mon, 26 Feb 2024 08:07:03 GMT

File type
HTML document, ASCII text, with very long lines (2434)
Size
2.0 kB (1973 bytes)
Hash
eb148f23beeabd706b9744b05e8fbf36
ef35b46dbb759909179bd952009397c997b2bbd9
e7be0019208f25b1c75612794532a4284dce47ea9e35a6c369265466912fc478

HTTP Headers

GET /watch.215763291696.js?key=ae333e82cfaead9ba22e64954c139352&kw=%5B%22team%22%2C%22os%22%2C%22your%22%2C%22only%22%2C%22destination%22%2C%22to%22%2C%22custom%22%2C%22os%22%5D&refer=https%3A%2F%2Fwww.teamos.xyz%2F&tz=0&dev=e&res=14.3095&uuid=3aab320c-c6ef-4893-993c-4c8930c4de9b%3A3%3A1&shu=9bda46ade7266d8b45e451e0e194e13f8d83093a828d3d20e5554a59ca9cadd8eee3198de87007b2116738823faeec71f12bac91e6e3db4f41a0977a64af296baacab00408cac2d1a12c366878283c8cdc4e5678968c1d63e505b0b0cc0da3&pst=1701313857&rmtc=t HTTP/1.1
Host: demeanourgrade.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.teamos.xyz
Referer: https://www.teamos.xyz/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17155452; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzE1NTQ1MiwiayI6ImFlMzMzZTgyY2ZhZWFkOWJhMjJlNjQ5NTRjMTM5MzUyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODMyNTYxLCJwaWQiOjM4NzE4NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOCwiYWlkIjoyMywicHQiOjQsInBrIjoiYXM3MnhuaXRqIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnRlYW1vcy54eXovIn19.wAMuGFnSHXkTRhpSJprA2v9VQGW3b-KgRAX_nCr9jcw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 30 Nov 2023 03:09:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.teamos.xyz
Access-Control-Allow-Origin: https://www.teamos.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=3aab320c-c6ef-4893-993c-4c8930c4de9b:3:1; expires=Thu, 07 Dec 2023 03:09:57 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 01 Dec 2023 03:09:58 GMT; secure; SameSite=None
uncs=1; expires=Fri, 01 Dec 2023 03:09:58 GMT; secure; SameSite=None
pdhtkv23=true; expires=Fri, 01 Dec 2023 03:09:58 GMT; secure; SameSite=None
uncs23=1; expires=Fri, 01 Dec 2023 03:09:58 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ca64bd783bac6a2d9d51ba9a03f11b5e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

cdn.cloudimagesb.com/cti/08/97/f5/0897f5fd97712cab162ea659e7ab93f0/1627917212.png

45.133.44.9

200 OK

45 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/08/97/f5/0897f5fd97712cab162ea659e7ab93f0/1627917212.png
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT

File type
PNG image data, 728 x 90, 8-bit/color RGB, non-interlaced\012- data
Size
45 kB (45371 bytes)
Hash
dbde2854f2a693ab43a1ee72cdf0c686
820bc6fb6d40db1cdc8b9a214d4a8b1138f2e3fa
aa648c4116a815deb4a006ed29f17342ccdb8c0d2ca863b54aa2517e1ed88641

HTTP Headers

GET /cti/08/97/f5/0897f5fd97712cab162ea659e7ab93f0/1627917212.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 30 Nov 2023 03:09:58 GMT
content-type: image/png
content-length: 45371
server: nginx/1.21.6
last-modified: Mon, 02 Aug 2021 15:13:41 GMT
etag: "61080ba5-b13b"
expires: Sat, 02 Dec 2023 03:09:58 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

perspirationfraction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSuXiYe3IMYvIge%2BuKisEy65zfjCmJcI8GYxN2VnKu6qidlqrvaqu7pyZyCC7LHEQR%2FTp1vkg2ui7oXb4JOvCwrQvqwkoPx4MW7ELwIMsnAuA%2Bq3vveV4fve68%2B3stOiYeMnmy8qwdSKbrQrHruy5sy5jq37tot1%2Feq3jV3U8atxjW3P7lM71Xfa1a9V9y3RbCtF2qe73m%2B57vL0ohQ9xfOWcjkfsevdrxqo1b1mw30zZPYZg4sdcB7p2QekpdzWw8fQAZjxNF314XdTnVy9a0oUzTVBj1%2B%2BH68Hes8RjQrQ%2BMgjA%2Bnr6FtScjnl6Djw6kD6N7%2BxAGYLInzmw8WH05lgvUOLpQyBRGD8cvIe2MINYakYwT6NiQ%2FJkDAsbaOOLq7pk1Ody5YOmFLUjn7GzIvSeX35xBH3ywp2XdvapWlUscW%2FbCA7I8hu2Mk2RHSgQOZHyFIP4Lkv5KFs1XE0f66VRqSF%2BfupRxDhmMoMQS1DrLJkQ6y0EGWOIj4iUubndDz2iEL6%2FXFRhAE9XoQNBdbvMnrjcXQQxZM5A2RJkMEaojA7CIxu9iWnxw352GyH2G3CljuwKYlcd7bRY8XyAVBbglySpBLgjwlyHvFAVe2Zou7XNmM%2BdNcm%2BZ6MdJpd48e6LQrYrKXnJJnJ6Nxnmm8hG1x4rbrtVZYb9VYww9rrMU4qy%2B2Ge94foOKTpPBygLSXjp3O5AleeHsQySyJHN%2FJWD0CFYdIZDzoJkPmo%2FaNQ90a9RY9DCI76WCRtpW%2BzsDcF0gSStId5w9dUqeP1%2FQa3%2F8AhE8ItNAYAokpsAH8meCrrozuqFzsn9D55Y8WE9SGckBnSzvZkpT8dS9d8ROrg1fuW6HX70RTIhJef%2BWsOkqjbmMu5Z8vSQ5F2ZZm0CQH1bspmAbmd1aykycJasbby6vRIkR1kodj0Hl8fo%2FCGRJLr%2F45%2Fm3dB8LSDOGyQpE2Uyp1GMEyS5sMutZTWDUDLOkgjwrRqbGZk0lCZSYYcoK2P9hNqv37B10TQU0vY04KtAzBXqqAFVD2OzpUZqYR68%2F%2FGISX4KpyogpU9lnyqhPS3K19W1Jrvz0WUmufP%2F4YtJWnriiGXqh8GqChR0WtqnHO2Gjw2jHF23WpD5SW4ruv3P%2FAQAA%2F%2F8BAAD%2F%2F%2BkY4F19BAAA

173.233.137.36

200 OK

7 B

URL GET HTTP/1.1
perspirationfraction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSuXiYe3IMYvIge%2BuKisEy65zfjCmJcI8GYxN2VnKu6qidlqrvaqu7pyZyCC7LHEQR%2FTp1vkg2ui7oXb4JOvCwrQvqwkoPx4MW7ELwIMsnAuA%2Bq3vveV4fve68%2B3stOiYeMnmy8qwdSKbrQrHruy5sy5jq37tot1%2Feq3jV3U8atxjW3P7lM71Xfa1a9V9y3RbCtF2qe73m%2B57vL0ohQ9xfOWcjkfsevdrxqo1b1mw30zZPYZg4sdcB7p2QekpdzWw8fQAZjxNF314XdTnVy9a0oUzTVBj1%2B%2BH68Hes8RjQrQ%2BMgjA%2Bnr6FtScjnl6Djw6kD6N7%2BxAGYLInzmw8WH05lgvUOLpQyBRGD8cvIe2MINYakYwT6NiQ%2FJkDAsbaOOLq7pk1Ody5YOmFLUjn7GzIvSeX35xBH3ywp2XdvapWlUscW%2FbCA7I8hu2Mk2RHSgQOZHyFIP4Lkv5KFs1XE0f66VRqSF%2BfupRxDhmMoMQS1DrLJkQ6y0EGWOIj4iUubndDz2iEL6%2FXFRhAE9XoQNBdbvMnrjcXQQxZM5A2RJkMEaojA7CIxu9iWnxw352GyH2G3CljuwKYlcd7bRY8XyAVBbglySpBLgjwlyHvFAVe2Zou7XNmM%2BdNcm%2BZ6MdJpd48e6LQrYrKXnJJnJ6Nxnmm8hG1x4rbrtVZYb9VYww9rrMU4qy%2B2Ge94foOKTpPBygLSXjp3O5AleeHsQySyJHN%2FJWD0CFYdIZDzoJkPmo%2FaNQ90a9RY9DCI76WCRtpW%2BzsDcF0gSStId5w9dUqeP1%2FQa3%2F8AhE8ItNAYAokpsAH8meCrrozuqFzsn9D55Y8WE9SGckBnSzvZkpT8dS9d8ROrg1fuW6HX70RTIhJef%2BWsOkqjbmMu5Z8vSQ5F2ZZm0CQH1bspmAbmd1aykycJasbby6vRIkR1kodj0Hl8fo%2FCGRJLr%2F45%2Fm3dB8LSDOGyQpE2Uyp1GMEyS5sMutZTWDUDLOkgjwrRqbGZk0lCZSYYcoK2P9hNqv37B10TQU0vY04KtAzBXqqAFVD2OzpUZqYR68%2F%2FGISX4KpyogpU9lnyqhPS3K19W1Jrvz0WUmufP%2F4YtJWnriiGXqh8GqChR0WtqnHO2Gjw2jHF23WpD5SW4ruv3P%2FAQAA%2F%2F8BAAD%2F%2F%2BkY4F19BAAA
IP
173.233.137.36:443
ASN
#7979 SERVERS-COM

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectperspirationfraction.com
Fingerprint19:0B:C2:9B:C0:F1:37:D8:50:FE:2E:3D:11:E0:69:E9:1B:96:38:F8
ValidityTue, 28 Nov 2023 08:02:25 GMT - Mon, 26 Feb 2024 08:02:24 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSuXiYe3IMYvIge%2BuKisEy65zfjCmJcI8GYxN2VnKu6qidlqrvaqu7pyZyCC7LHEQR%2FTp1vkg2ui7oXb4JOvCwrQvqwkoPx4MW7ELwIMsnAuA%2Bq3vveV4fve68%2B3stOiYeMnmy8qwdSKbrQrHruy5sy5jq37tot1%2Feq3jV3U8atxjW3P7lM71Xfa1a9V9y3RbCtF2qe73m%2B57vL0ohQ9xfOWcjkfsevdrxqo1b1mw30zZPYZg4sdcB7p2QekpdzWw8fQAZjxNF314XdTnVy9a0oUzTVBj1%2B%2BH68Hes8RjQrQ%2BMgjA%2Bnr6FtScjnl6Djw6kD6N7%2BxAGYLInzmw8WH05lgvUOLpQyBRGD8cvIe2MINYakYwT6NiQ%2FJkDAsbaOOLq7pk1Ody5YOmFLUjn7GzIvSeX35xBH3ywp2XdvapWlUscW%2FbCA7I8hu2Mk2RHSgQOZHyFIP4Lkv5KFs1XE0f66VRqSF%2BfupRxDhmMoMQS1DrLJkQ6y0EGWOIj4iUubndDz2iEL6%2FXFRhAE9XoQNBdbvMnrjcXQQxZM5A2RJkMEaojA7CIxu9iWnxw352GyH2G3CljuwKYlcd7bRY8XyAVBbglySpBLgjwlyHvFAVe2Zou7XNmM%2BdNcm%2BZ6MdJpd48e6LQrYrKXnJJnJ6Nxnmm8hG1x4rbrtVZYb9VYww9rrMU4qy%2B2Ge94foOKTpPBygLSXjp3O5AleeHsQySyJHN%2FJWD0CFYdIZDzoJkPmo%2FaNQ90a9RY9DCI76WCRtpW%2BzsDcF0gSStId5w9dUqeP1%2FQa3%2F8AhE8ItNAYAokpsAH8meCrrozuqFzsn9D55Y8WE9SGckBnSzvZkpT8dS9d8ROrg1fuW6HX70RTIhJef%2BWsOkqjbmMu5Z8vSQ5F2ZZm0CQH1bspmAbmd1aykycJasbby6vRIkR1kodj0Hl8fo%2FCGRJLr%2F45%2Fm3dB8LSDOGyQpE2Uyp1GMEyS5sMutZTWDUDLOkgjwrRqbGZk0lCZSYYcoK2P9hNqv37B10TQU0vY04KtAzBXqqAFVD2OzpUZqYR68%2F%2FGISX4KpyogpU9lnyqhPS3K19W1Jrvz0WUmufP%2F4YtJWnriiGXqh8GqChR0WtqnHO2Gjw2jHF23WpD5SW4ruv3P%2FAQAA%2F%2F8BAAD%2F%2F%2BkY4F19BAAA HTTP/1.1
Host: perspirationfraction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: u_pl=17773605; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 30 Nov 2023 03:09:58 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a2d412306ac0c676a50bacb89cf396a4
Strict-Transport-Security: max-age=0; includeSubdomains

www.teamos.xyz/js/xf/notice.min.js?_v=eb121d40

104.21.71.43

200 OK

1.5 kB

URL GET HTTP/3
www.teamos.xyz/js/xf/notice.min.js?_v=eb121d40
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint48:6D:36:CD:4D:44:01:AF:5A:8A:73:DA:A7:0E:57:D2:3A:0E:FB:D7
ValidityTue, 24 Oct 2023 05:19:22 GMT - Mon, 22 Jan 2024 05:19:21 GMT

File type
ASCII text, with very long lines (525)
Size
1.5 kB (1529 bytes)
Hash
b725cc9681612e5c4a6de094bbe33bd9
c2bd0760c401cf86e15fc2b941b14fa7901633e3
a5dcfd1d44af85302c19886c111e277273cca860febaae5f8cdb0de61733b44b

HTTP Headers

GET /js/xf/notice.min.js?_v=eb121d40 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=O9q5d51Dzrmu-HAD; xf_session=yhF2XBf4F3bPLuUJcpp_JdaQe3i7TiM0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 03:09:55 GMT
content-type: application/javascript
last-modified: Thu, 08 Dec 2022 23:00:00 GMT
vary: Accept-Encoding
etag: W/"63926c70-e4e"
expires: Sat, 25 Nov 2023 11:42:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 423789
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k1zF4mu%2FLXV4Zvkql1fN%2BTcJfIU7i1oNGcyn6CxnvyuDsUlevO3DirgRSlmm5FJM5FuMe7ULofbJAlx%2Bj58%2BCO%2FI9HddbicxK%2BWirZcS2REymDfmQKzFHBhBN0rVTcH%2FmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82dfe4f6dbbf568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/cdn-cgi/rum?

104.21.71.43

204 No Content

0 B

URL POST HTTP/3
www.teamos.xyz/cdn-cgi/rum?
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint48:6D:36:CD:4D:44:01:AF:5A:8A:73:DA:A7:0E:57:D2:3A:0E:FB:D7
ValidityTue, 24 Oct 2023 05:19:22 GMT - Mon, 22 Jan 2024 05:19:21 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 440
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=O9q5d51Dzrmu-HAD; xf_session=yhF2XBf4F3bPLuUJcpp_JdaQe3i7TiM0; dom3ic8zudi28v8lr6fgphwffqoz0j6c=3aab320c-c6ef-4893-993c-4c8930c4de9b%3A3%3A1; _ga_ZMK4J7B2XT=GS1.1.1701313801.1.0.1701313801.0.0.0; _ga=GA1.1.2076248087.1701313802; pp_main_a1e8916f3df739635783bc00fa07bfe6=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 204 No Content
date: Thu, 30 Nov 2023 03:10:10 GMT
access-control-allow-origin: https://www.teamos.xyz
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 82dfe554ec23568e-OSL
x-frame-options: DENY
x-content-type-options: nosniff

www.teamos.xyz/

104.21.71.43

200 OK

173 kB

URL User Request GET HTTP/3
www.teamos.xyz/
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint48:6D:36:CD:4D:44:01:AF:5A:8A:73:DA:A7:0E:57:D2:3A:0E:FB:D7
ValidityTue, 24 Oct 2023 05:19:22 GMT - Mon, 22 Jan 2024 05:19:21 GMT

File type

Size
173 kB (173122 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 30 Nov 2023 03:09:54 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Thu, 30 Nov 2023 03:09:54 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: private, no-cache, max-age=0
vary: Accept-Encoding
set-cookie: xf_csrf=O9q5d51Dzrmu-HAD; path=/; secure
xf_session=yhF2XBf4F3bPLuUJcpp_JdaQe3i7TiM0; path=/; secure; HttpOnly
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
priority: u=1,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TbiRyz9OE1Z%2Bzdc6IXOBwF7r6Yqxb8bV47%2Bc3c0tRgv87SQUlSunh8JtSvyNoWrRdYaAcLmMet1Nlac8B2HK1bwx4JIJ7EZEmWfXM650%2FE0H7vS5cLhsXSK5n%2FnEn9NQfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82dfe4f09a4c568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/images/dUy8t.gif

104.21.71.43

200 OK

23 kB

URL GET HTTP/3
www.teamos.xyz/images/dUy8t.gif
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint48:6D:36:CD:4D:44:01:AF:5A:8A:73:DA:A7:0E:57:D2:3A:0E:FB:D7
ValidityTue, 24 Oct 2023 05:19:22 GMT - Mon, 22 Jan 2024 05:19:21 GMT

File type
GIF image data, version 89a, 90 x 68\012- data
Size
23 kB (22768 bytes)
Hash
38be94eee10c04d248dc14b49a940b93
9d4fece605fc55c0ca18443c3018da3c34e40f05
8928b33dafb9036f74c4298b1e4097b90844fbed60bd41b8b9e3bbe4dcbda25b

HTTP Headers

GET /images/dUy8t.gif HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=8&l=1&d=1701211431&k=034405c740f279c15adbbc41dfccb627ca90db04
Cookie: xf_csrf=O9q5d51Dzrmu-HAD; xf_session=yhF2XBf4F3bPLuUJcpp_JdaQe3i7TiM0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 30 Nov 2023 03:09:55 GMT
content-type: image/gif
content-length: 22768
last-modified: Sun, 07 May 2023 10:55:46 GMT
etag: "645783b2-58f0"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4247
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FllaB77Nzi5HECkMhOOfu9W0DrbnsUZ8Un7btm0IGvbum%2F2NqKeEjY9XGA1wGzCQqXwI%2BypeuIkHkjcVxsL46N9vRStnKlIuY4XyL3kxO0fD653q5tOzNOY4uazvOL755Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82dfe4f66ba0568e-OSL
alt-svc: h3=":443"; ma=86400

friendshipmale.com/sfp.js

172.64.98.2

200 OK

86 kB

URL GET HTTP/2
friendshipmale.com/sfp.js
IP
172.64.98.2:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT

File type

Size
86 kB (85468 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 03:09:57 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 55fd75ec6b21edf49d9f16392bfcb0ab
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 30 Nov 2023 03:09:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JnbhllZLiaMunPDabvihO2q%2FZxH6GzW2nsIrJ3toEdBd4VTVSmrYvFLLmtXHznw4NPZMqX51diwC4U8XGWYLLktNHn%2FRUJBFU5U953bDdfWE4USV3LYN8%2FaLWicelvXmW5HBCdA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82dfe4ff0c476637-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

teamos.xyz/

104.21.71.43

301 Moved Permanently

173 kB

URL User Request GET HTTP/3
teamos.xyz/
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint48:6D:36:CD:4D:44:01:AF:5A:8A:73:DA:A7:0E:57:D2:3A:0E:FB:D7
ValidityTue, 24 Oct 2023 05:19:22 GMT - Mon, 22 Jan 2024 05:19:21 GMT

File type

Size
173 kB (173122 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: teamos.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 301 Moved Permanently
date: Thu, 30 Nov 2023 03:09:54 GMT
content-type: text/html
location: https://www.teamos.xyz/
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
priority: u=1,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NfaMDJZBq1g9aTSU5doxCjBMwc3abf9gblnrBg0mNLJkufIBhZ17XN6Au0pdEa90ugG%2FqygctAmJ1%2BfcvtTyuU3d7PnVywm4EGR2IHebkNKgmdDk16EcBRVf8%2Bm8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82dfe4efea21568e-OSL
alt-svc: h3=":443"; ma=86400

my.teamos.xyz/00125f0b5c4b51868fe5ec0b88beb9c8/announce7:comment39:Downloaded

104.21.71.43

302 Found

173 kB

URL User Request GET HTTP/2
my.teamos.xyz/00125f0b5c4b51868fe5ec0b88beb9c8/announce7:comment39:Downloaded
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint48:6D:36:CD:4D:44:01:AF:5A:8A:73:DA:A7:0E:57:D2:3A:0E:FB:D7
ValidityTue, 24 Oct 2023 05:19:22 GMT - Mon, 22 Jan 2024 05:19:21 GMT

File type

Size
173 kB (173122 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /00125f0b5c4b51868fe5ec0b88beb9c8/announce7:comment39:Downloaded HTTP/1.1
Host: my.teamos.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 30 Nov 2023 03:09:54 GMT
location: https://teamos.xyz
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fIvKR05ET%2FN0xZbfvuYu9ukw%2B0CC3yet1dfawUdEXvNk8DD7vZr94woa7NaUEv94YSd4%2BwciGTKgjmQJ2ECIxTr5lKURtlbbYjxKWAvDgzII6jKuoVESsct20J%2BZrBnI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82dfe4ef6d321bfa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

perspirationfraction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReuXia%2Fw8%2BDGL2Il7m4KCyT7vmbcQUxrpFgTOL%2BIeeqrupJmequtqp7ejKn4ILscRTBP6fON8kG10XdizdBJ16WFSF9UHIwXr0LwYOC9OzA6IOq97731eH73qv3D9Jz4iKlZ1tv6aFUii61am71hW0ZcZ3Z6sbNqufW3KvVbRm1m1erg%2FIy%2FZc8t1VzX6y%2BIfxdvVR3Pdf1XK%2B6Ko0I9GBpykLG97terevWmvWa12piYP6LberAUge8f04WIXmxsPPwAaQ%2FQRR%2BfU3Y3UTHV14PU0UTbdDnx7ei3UhnEcJ5GRgHQXQ8ew1tC0I%2BuQQdHc8cQPcPSwdgsiDOLx5YdDyTCdY%2FeqyUKYgIjD%2BBrD%2BBUBNIOoGvb0PyUwL4HBubiMK7G9pkdO8xS0u2IJWLPyCzglR%2BfQZR%2BOWKkoPqDa3SROrIYhDkkIMJZG%2BCOD1BMnQgsxP4yXuQ%2FCeydLGOKDzctEpD8nzqXsoJZDCBEiNQ6yAtj3SQBg7S2EHIz6q01Q1ctxOwoNFYbvq%2B32j4fmu5zVu80VwOXKR%2BKW%2BEJB7BVyP4Zh%2Bx2ceu%2FOC0tQiTfge7k8NyBzYpiPP2Pvo8RyYIMkuQUYJMEmQJQdbPj7iydZvf5cqmzJvl%2Biw38rFOegf0SCc9EZGD%2BJw8VY7GebL5PHbFWbXTqLeDRrvOml5QZ23GWWO5w3jX9ZpUdFsMVuaQ9tLU7VAW5LmLdxHLgiz8HoPRE1h1Al8ugqYeaDbu1F3QnXFz2cUwupcIGmpbG%2BwNwXWOOKkg2XMO1Dl5drqgy99%2FDOE%2FIrOAb3LEJsc78geCnrozvq4zcnhdZ5Y82IwTGcohLZd3I6GJ%2BN%2B9N8Vepg1fu2ZHn7%2Fql0RZ3r8pbLJOIy6jniVfrEjOhVnVxhfk2zW7LdhWandWUhOl8frWa6trYWyEtVJHE1B5uvkn%2FNLeXx9Ov%2BXTtzYhzQQmzRGmc6VST%2BDH%2B7DxvGc1gVFzzOJLyNJ8bOps3lSSQIk5piyH%2FRdm8%2FrA3kHPVECT24jCHH2To69yUDWCTf8%2FTmLz6JWHn5bxGZiqjJkylUOmjPqoIFfaX03nW5DL3%2FxckJd%2F%2BxFWnlVFK3AD4dYFC7os6FCXd4Nml9GuJzqsRT0kthC9vxf%2BAQAA%2F%2F8BAAD%2F%2F5Ut6Cd9BAAA

173.233.137.36

200 OK

0 B

URL GET HTTP/1.1
perspirationfraction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReuXia%2Fw8%2BDGL2Il7m4KCyT7vmbcQUxrpFgTOL%2BIeeqrupJmequtqp7ejKn4ILscRTBP6fON8kG10XdizdBJ16WFSF9UHIwXr0LwYOC9OzA6IOq97731eH73qv3D9Jz4iKlZ1tv6aFUii61am71hW0ZcZ3Z6sbNqufW3KvVbRm1m1erg%2FIy%2FZc8t1VzX6y%2BIfxdvVR3Pdf1XK%2B6Ko0I9GBpykLG97terevWmvWa12piYP6LberAUge8f04WIXmxsPPwAaQ%2FQRR%2BfU3Y3UTHV14PU0UTbdDnx7ei3UhnEcJ5GRgHQXQ8ew1tC0I%2BuQQdHc8cQPcPSwdgsiDOLx5YdDyTCdY%2FeqyUKYgIjD%2BBrD%2BBUBNIOoGvb0PyUwL4HBubiMK7G9pkdO8xS0u2IJWLPyCzglR%2BfQZR%2BOWKkoPqDa3SROrIYhDkkIMJZG%2BCOD1BMnQgsxP4yXuQ%2FCeydLGOKDzctEpD8nzqXsoJZDCBEiNQ6yAtj3SQBg7S2EHIz6q01Q1ctxOwoNFYbvq%2B32j4fmu5zVu80VwOXKR%2BKW%2BEJB7BVyP4Zh%2Bx2ceu%2FOC0tQiTfge7k8NyBzYpiPP2Pvo8RyYIMkuQUYJMEmQJQdbPj7iydZvf5cqmzJvl%2Biw38rFOegf0SCc9EZGD%2BJw8VY7GebL5PHbFWbXTqLeDRrvOml5QZ23GWWO5w3jX9ZpUdFsMVuaQ9tLU7VAW5LmLdxHLgiz8HoPRE1h1Al8ugqYeaDbu1F3QnXFz2cUwupcIGmpbG%2BwNwXWOOKkg2XMO1Dl5drqgy99%2FDOE%2FIrOAb3LEJsc78geCnrozvq4zcnhdZ5Y82IwTGcohLZd3I6GJ%2BN%2B9N8Vepg1fu2ZHn7%2Fql0RZ3r8pbLJOIy6jniVfrEjOhVnVxhfk2zW7LdhWandWUhOl8frWa6trYWyEtVJHE1B5uvkn%2FNLeXx9Ov%2BXTtzYhzQQmzRGmc6VST%2BDH%2B7DxvGc1gVFzzOJLyNJ8bOps3lSSQIk5piyH%2FRdm8%2FrA3kHPVECT24jCHH2To69yUDWCTf8%2FTmLz6JWHn5bxGZiqjJkylUOmjPqoIFfaX03nW5DL3%2FxckJd%2F%2BxFWnlVFK3AD4dYFC7os6FCXd4Nml9GuJzqsRT0kthC9vxf%2BAQAA%2F%2F8BAAD%2F%2F5Ut6Cd9BAAA
IP
173.233.137.36:443
ASN
#7979 SERVERS-COM

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectperspirationfraction.com
Fingerprint19:0B:C2:9B:C0:F1:37:D8:50:FE:2E:3D:11:E0:69:E9:1B:96:38:F8
ValidityTue, 28 Nov 2023 08:02:25 GMT - Mon, 26 Feb 2024 08:02:24 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReuXia%2Fw8%2BDGL2Il7m4KCyT7vmbcQUxrpFgTOL%2BIeeqrupJmequtqp7ejKn4ILscRTBP6fON8kG10XdizdBJ16WFSF9UHIwXr0LwYOC9OzA6IOq97731eH73qv3D9Jz4iKlZ1tv6aFUii61am71hW0ZcZ3Z6sbNqufW3KvVbRm1m1erg%2FIy%2FZc8t1VzX6y%2BIfxdvVR3Pdf1XK%2B6Ko0I9GBpykLG97terevWmvWa12piYP6LberAUge8f04WIXmxsPPwAaQ%2FQRR%2BfU3Y3UTHV14PU0UTbdDnx7ei3UhnEcJ5GRgHQXQ8ew1tC0I%2BuQQdHc8cQPcPSwdgsiDOLx5YdDyTCdY%2FeqyUKYgIjD%2BBrD%2BBUBNIOoGvb0PyUwL4HBubiMK7G9pkdO8xS0u2IJWLPyCzglR%2BfQZR%2BOWKkoPqDa3SROrIYhDkkIMJZG%2BCOD1BMnQgsxP4yXuQ%2FCeydLGOKDzctEpD8nzqXsoJZDCBEiNQ6yAtj3SQBg7S2EHIz6q01Q1ctxOwoNFYbvq%2B32j4fmu5zVu80VwOXKR%2BKW%2BEJB7BVyP4Zh%2Bx2ceu%2FOC0tQiTfge7k8NyBzYpiPP2Pvo8RyYIMkuQUYJMEmQJQdbPj7iydZvf5cqmzJvl%2Biw38rFOegf0SCc9EZGD%2BJw8VY7GebL5PHbFWbXTqLeDRrvOml5QZ23GWWO5w3jX9ZpUdFsMVuaQ9tLU7VAW5LmLdxHLgiz8HoPRE1h1Al8ugqYeaDbu1F3QnXFz2cUwupcIGmpbG%2BwNwXWOOKkg2XMO1Dl5drqgy99%2FDOE%2FIrOAb3LEJsc78geCnrozvq4zcnhdZ5Y82IwTGcohLZd3I6GJ%2BN%2B9N8Vepg1fu2ZHn7%2Fql0RZ3r8pbLJOIy6jniVfrEjOhVnVxhfk2zW7LdhWandWUhOl8frWa6trYWyEtVJHE1B5uvkn%2FNLeXx9Ov%2BXTtzYhzQQmzRGmc6VST%2BDH%2B7DxvGc1gVFzzOJLyNJ8bOps3lSSQIk5piyH%2FRdm8%2FrA3kHPVECT24jCHH2To69yUDWCTf8%2FTmLz6JWHn5bxGZiqjJkylUOmjPqoIFfaX03nW5DL3%2FxckJd%2F%2BxFWnlVFK3AD4dYFC7os6FCXd4Nml9GuJzqsRT0kthC9vxf%2BAQAA%2F%2F8BAAD%2F%2F5Ut6Cd9BAAA HTTP/1.1
Host: perspirationfraction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: u_pl=17773605; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 30 Nov 2023 03:09:58 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dca277d0e2eab26fce5d1b3d8a92b7b3
Strict-Transport-Security: max-age=0; includeSubdomains

static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

104.16.56.101

200 OK

20 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
IP
104.16.56.101:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint89:79:35:ED:04:A2:CA:50:F7:9A:B8:FE:DF:A5:0C:B1:F2:E6:DD:E8
ValidityMon, 10 Apr 2023 00:00:00 GMT - Tue, 09 Apr 2024 23:59:59 GMT

File type
ASCII text, with very long lines (19986), with no line terminators
Size
20 kB (19986 bytes)
Hash
dd1d068fdb5fe90b6c05a5b3940e088c
0d96f9df8772633a9df4c81cf323a4ef8998ba59
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

HTTP Headers

GET /beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 03:09:55 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2023.10.0"
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 82dfe4f55faab524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.teamos.xyz/js/vendor/vendor-compiled.js?_v=eb121d40

104.21.71.43

200 OK

43 kB

URL GET HTTP/3
www.teamos.xyz/js/vendor/vendor-compiled.js?_v=eb121d40
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint48:6D:36:CD:4D:44:01:AF:5A:8A:73:DA:A7:0E:57:D2:3A:0E:FB:D7
ValidityTue, 24 Oct 2023 05:19:22 GMT - Mon, 22 Jan 2024 05:19:21 GMT

File type
ASCII text, with very long lines (15908)
Size
43 kB (42926 bytes)
Hash
372b0c5f17990ad741c3d02593f63fe8
4e577cb859755cbf104a2334e6307a5291558689
ef5f0b7e161099d503298ab2d66a927f48401f992d188cd04415419b41dcd0b1

HTTP Headers

GET /js/vendor/vendor-compiled.js?_v=eb121d40 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=O9q5d51Dzrmu-HAD; xf_session=yhF2XBf4F3bPLuUJcpp_JdaQe3i7TiM0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 30 Nov 2023 03:09:55 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=43704
etag: W/"63926c70-aab8"
expires: Wed, 06 Dec 2023 02:00:25 GMT
last-modified: Thu, 08 Dec 2022 23:00:00 GMT
strict-transport-security: max-age=15768000
vary: Accept-Encoding
cf-cache-status: HIT
age: 69123
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYgg2KRXhRNGHWZ%2FK52rbYrAxREQ9hhLLjapSLt2sgFP1340y329Xb4aKem7%2BEt9y0l9%2Fo8iZIrIoY8EEtcFPwicyR7rG4x8j0eMaogee1FtlKeHi9hA%2FxGT0HkmugmTvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82dfe4f6dbc1568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=8&l=1&d=1701211431&k=034405c740f279c15adbbc41dfccb627ca90db04

104.21.71.43

200 OK

397 kB

URL GET HTTP/3
www.teamos.xyz/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=8&l=1&d=1701211431&k=034405c740f279c15adbbc41dfccb627ca90db04
IP
104.21.71.43:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint48:6D:36:CD:4D:44:01:AF:5A:8A:73:DA:A7:0E:57:D2:3A:0E:FB:D7
ValidityTue, 24 Oct 2023 05:19:22 GMT - Mon, 22 Jan 2024 05:19:21 GMT

File type
ASCII text, with very long lines (63233)
Size
397 kB (396762 bytes)
Hash
ca8b60ddaf8efe6e6e2c8238947a2a20
7efd8f6ce98cf1dbe6f55729d7be5eea309846a4
86d0e326cd98c5c555669c9d8621176c085ca0646bb10479a4a8e1e8244b96e5

HTTP Headers

GET /css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=8&l=1&d=1701211431&k=034405c740f279c15adbbc41dfccb627ca90db04 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=O9q5d51Dzrmu-HAD; xf_session=yhF2XBf4F3bPLuUJcpp_JdaQe3i7TiM0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 30 Nov 2023 03:09:55 GMT
content-type: text/css; charset=utf-8
x-frame-options: SAMEORIGIN
expires: Fri, 29 Nov 2024 03:09:55 GMT
last-modified: Tue, 28 Nov 2023 22:43:51 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5dbjYFmIQIemurFHYff86ZQpZFMeBKFQS9kxK8ucrKr6rDULC%2BFRKN2KykaT9wTwgtMcZNpBKBuB%2Bkx4p7l%2FiAARm6OaVd5SjmqGvING%2FVrJu1deFkx80Ncz%2Bc6I02Mfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82dfe4f48b3a568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML