{"report_id":"b94fba66-838d-4f02-a823-9577a87158cc","version":0,"status":"done","tags":[],"date":"2026-07-05T09:54:18Z","url":{"schema":"http","addr":"microsoftteamservice.org/","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"microsoftteamservice.org/","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"title":"Microsoft Team Services - Business Plans \u0026 Subscriptions","dom":{"size":24735,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (24728), with no line terminators","md5":"c3a298161912fd966284723b5ae41eab","sha1":"988ef7a5e77a05340838d3f1629e1ff3fdff1181","sha256":"c520826d8bdbb1b0f0cc160c7dfe423332f84831ef50edec235b277b30aae55b","sha512":"7eabcfc0bd875de873c476c3adfe0a92a69d599950a468eeed7bf0b4f00bc180fbc9574fdb57a21c37420585b448ee9ae4b7b0c6b9409b372cf9546b1a7ca1f3","ssdeep":"384:InBuRr+kTxuKQ1p4YMLPkUP7gtoAQ2yEU6IOUyR:InBuRqkliSP1P7gtW6HUc","tlshash":"cfb2b739b508ee2dec532e49653f6e39648dc26b8359cd24c6accd3643c29b9a753cc4","dom_hash":"domhashc6a428affb902ebbf265197001047c46","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"microsoftteamservice.org/","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-09T09:54:18Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"microsoftteamservice.org","ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2026-06-26","domain_rank":0,"first_seen":"2026-06-28T10:12:03.079724Z","last_seen":"2026-06-28T10:12:03.079724Z","alert_count":50,"request_count":25,"received_data":2978939,"sent_data":12848,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Next.js","description":"Next.js is a React framework for developing single page Javascript applications.","website":"https://nextjs.org","common_platform_enumeration":"cpe:2.3:a:zeit:next.js:*:*:*:*:*:*:*:*","icon":"Next.js.svg","categories":["JavaScript frameworks","Web frameworks"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"Webpack","description":"Webpack is an open-source JavaScript module bundler.","website":"https://webpack.js.org/","common_platform_enumeration":"","icon":"Webpack.svg","categories":["Miscellaneous"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}]},{"fqdn":"api.jsonbin.io","ip":{"addr":"172.67.176.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-05-11","domain_rank":0,"first_seen":"2018-05-15T15:19:40Z","last_seen":"2026-06-28T10:12:03.684206Z","alert_count":0,"request_count":2,"received_data":3849,"sent_data":1198,"comment":"","tags":null,"fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}]},{"fqdn":"team-services-b8a54-default-rtdb.europe-west1.firebasedatabase.app","ip":{"addr":"34.107.226.223","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2020-02-26","domain_rank":0,"first_seen":"2026-07-05T09:54:20.21075Z","last_seen":"2026-07-05T09:54:20.21075Z","alert_count":0,"request_count":1,"received_data":254,"sent_data":726,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/chunks/webpack-a38551aa898b767a.js","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"7ddca981c1bf8a7de5a17831e3c71fa1","sha1":"f155ac1e5ed3d5e0db823a55bb52320aeedcd4cb","sha256":"69d29bcb5b8592d7296b54633d8e2e4c00f77112368f2bc2791eb7b8527d4fe9","sha512":"f5c01189108f0289b9ce1d2da825a25f826f70f1a5a2a698c095ec432ff69cdc508768e210a374e77a640f7afdb8e5d6747e4adbc774e4fa6ae794f70f7428a9","ssdeep":"","tlshash":"0e7198dd71a1f8b91783a4a1043fa15af13f28b2281ed4a0db25d4f5fc745498223fa9","size":3786,"data":"","first_seen":"2026-06-28T10:12:08.74037Z","last_seen":"2026-07-05T09:54:23.289461Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"b40cdc025a72d0b516bd11d9ef0a1776","sha1":"9cd34b30af473b8071638d82dcacef0373194aaf","sha256":"43ef2d3ec8d5b620ec8c5fc2bfc14c3a9836620f75a0a14a0c025ab753cf6f68","sha512":"ffad498a0fda3194476aee567df0b821e3c4886662a0dc72a53e8289c98fc3187b991df3da95f0bc2fe1b238d3478ccfac9d39a23fa2e7928ff3be8461110af9","ssdeep":"","tlshash":"3aa001f190d29c69e43741ab687511161bac490d0109014123a198e91162a098f48e8e","size":72,"data":"","first_seen":"2023-10-09T10:35:22Z","last_seen":"2026-07-17T22:48:03.437875Z","times_seen":98246,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fb230050beb9250ea6bb0072ba711b8c","sha1":"e2df0e739a9d99beb9860f423a04f9418dd51815","sha256":"5acdaebad9b9cdb5a198f5c7f68c7accf3657f82a5e86be45df850d6864000b8","sha512":"d29cb3e5a9966931301d8af82bbce5b10fc44c9154b5de652299b4e23c96cfa4f8df52a9a0d50a2769f4dedb6a963349c325b667770f704c779b99613b26d64e","ssdeep":"","tlshash":"abc04c58d995ec698620580e042d4d29e4ccd99d43948b986368c9aa8102db91289dc5","size":146,"data":"","first_seen":"2026-06-28T10:12:08.784725Z","last_seen":"2026-07-05T09:54:23.31007Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"373b4b1b289919d15258f155eb7a43bc","sha1":"920ab31960c5346b52921d3f026d4ad0d442e1c6","sha256":"890633293c83e9afec35bae878242811df2f1b80e8cce41aff7d1f058b30c7a1","sha512":"8d885407c38426aedf60170642e4e02ef0164fd3ba0ef4fc5b3489510bf5787c18bad9bb23d936b68d0189a1fe3ccff698af5d70fcfc91d3df07dd304e5c92a0","ssdeep":"","tlshash":"7231044e7305e8003da3df125a7b7f36c889dc33063ca62dd91ed93b508297a536c964","size":1716,"data":"","first_seen":"2026-07-05T09:54:23.310976Z","last_seen":"2026-07-05T09:54:23.310976Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"c6f419d533f32d493fc78171056d83a9","sha1":"1915d4373418af786e70755800d159d387f4f863","sha256":"22ec0695951941df9c4788d627b396af0dc660205e0d5fe15057694d420e8b5b","sha512":"61323389a4a077d6fcb97f679119392141586439d8e5af1370dba726a9de415afc3b9cb93ccc209327e09506b8e62cc8b2429949605b3df00b60a4d0bbce3f23","ssdeep":"192:zSdJ2dNR6lC2dsEgh/N4oH4N4UAgTkKQzgnqzcJm5c:zAQ2yEU6IOUc","tlshash":"e532db3db10ade5dec9b7d05113e9c3a24cd82ab07c6ce79c6a8dd22468647da793dc0","size":11573,"data":"","first_seen":"2026-07-05T09:54:23.311915Z","last_seen":"2026-07-05T09:54:23.311915Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"b68dd1d33ea5724fe71bb2b5a58b15aa","sha1":"a34dd81cb3b18d96ceb1cd2ea9b7fab9c5970ba2","sha256":"940479eedf3f68d8ba76079c32f5cfdfada6dd418202830b2ec3d68d6a716705","sha512":"d55692254a863bf17e5d6a33ebe83ad25b996410342ef4270019d7f3c3e1fe31d1cd6dab429cbb5396710565ca0e21386ca483fe18daaf1d0c7d2016359bb135","ssdeep":"","tlshash":"d9f09e50fd63de26d6972f220c3e1c1832ec8356024599459dc4c8151e97f384671a94","size":475,"data":"","first_seen":"2026-07-05T09:54:23.31298Z","last_seen":"2026-07-05T09:54:23.31298Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/chunks/app/layout-1585a9a344401036.js","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"48c3d00f64e89c6722723c32f6b04ce3","sha1":"5b766e1e0d1bd99e8f31e66c8e1f959c057e0031","sha256":"332ed16269aaef14d14cf79cffe51b6f7e853c898f647423eb85122fcb29934d","sha512":"9c71a2b36e4d3c4072a366ca24399112e5890ad867cd98d696e9bc6c52ffc8f0bddbcb5b7072c0cc0a960d0703ebfb1fdf81e237b0fa2a3e490279ec288f86ab","ssdeep":"96:Ddw5umG8/EwdkXbD34v2HqYWqvTqHYn2kSYf+DDKRmZk5RJbOuMV7Z6:Dg8VW4hRmy9MV7Z6","tlshash":"91b1222db4e6ffd8781908883e1f980c726f664c59481db57bace88545976d8f243fc8","size":5571,"data":"","first_seen":"2026-07-05T09:54:23.293601Z","last_seen":"2026-07-05T09:54:23.293601Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/chunks/app/contracts/page-63cb3fc51c27402c.js","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2f4953d0351e4ad5b3432dd3c1a77b80","sha1":"152da4a71f894e06444ad9de2e4c46583870925d","sha256":"408bf1877b55865e634e1fe4ec6066747c0a7db9ad6c0e25eb200eee02cb9172","sha512":"304b68485488710c486088d7086092f3b0090c80081d5b5052d8a14047a79e097cd17d886408de3a381d84aa7e28b502f30f6b5c5709aea048251595249bdadf","ssdeep":"","tlshash":"a851500cbfa0ff59100f2aa8f0eba41a787b16a4b64d3cc1a5f1cd4555a318842177cd","size":2540,"data":"","first_seen":"2026-06-28T10:12:08.775577Z","last_seen":"2026-07-05T09:54:23.305973Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/chunks/main-app-f1e2f05f66ca4fbd.js","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"16227d6bd4403f06ac099ecc79853c06","sha1":"ea304ae2eeece4008e8bde6fc78a378b1d362408","sha256":"db4753738b8bc2046e538149eccc1a7d5824c0e0823a65ec8e0eab547a51c7dd","sha512":"8a98d38e4fe773b331338df94d83e71c42a5d062cf610691c4453a490a500a4c4543f45711bc538fe30dfc0d1db2e6f37a425bc5bf4fad62db3e5081adc8308c","ssdeep":"","tlshash":"28f08c9a2b4cb02f3923ad24fdd36c2e256e816428a718501a04ddb12c33bac93f1c38","size":461,"data":"","first_seen":"2024-12-09T02:34:22.400353Z","last_seen":"2026-07-14T01:57:37.844061Z","times_seen":71,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/chunks/489-6140d27000379ccc.js","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0c293bdfceb41d2d136f8b502482fbb0","sha1":"b44c90f8bf27af6c31532d3eb00c369687b4a3b9","sha256":"20e38091eca1800a8676cfae385cb4a12e0ca20677548f3301fc96a5913bcbc5","sha512":"092fbe624aa10f80f1042a7b9c9367a22ae1ff6734f5a463057d27b0a80b284d2b4ad2bba7b8ca933b06a760555e14f4cdf68fb012f6312e8484632606a555de","ssdeep":"192:6mbPjW2ZGr6Got/LhQO9GqCqzzFHvIyDKljB:tvW2ZD3V9fJDuF","tlshash":"73e1b86a73c1346aa35ec156852b4009a7bf3668364f0820f16e7cae67105c590f3fde","size":7218,"data":"","first_seen":"2026-06-28T10:12:08.758424Z","last_seen":"2026-07-05T09:54:23.297763Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/chunks/117-4f5b424f20efdcae.js","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d13e87eb771cb1dc6c862544c92dd720","sha1":"846bf0013f880dd962a499008ad7b3c7fba8937f","sha256":"7bd6f41cfe0ce8b68c0fcfc0c580bf3f21c9d7b49f22665e6b21bb5ef49b476a","sha512":"1ba96f22742f8333dbe47235b5a037bb8c4764d0554ab1d6d1edad2fc722d6dbbdef50f5c89cb5daa9f8f6e684bcf53db54a3a7e237b1ed218b832bb75d809a7","ssdeep":"768:fO9P55e7wbSlPftVDK//d9icrEAKH1ag8xxqKjj3fOpDKdlr/NaO8Qr93UsGoROz:Ugw2l+Wc3mY5jFdl/iPsibn2kJ51oCv7","tlshash":"bcc3d8ba71d0f8e2079744e5843b400af3791c3b146f70a0a7a5cdd9b5a44eea1a3f5e","size":124364,"data":"","first_seen":"2025-12-16T15:37:48.63769Z","last_seen":"2026-07-17T19:12:19.922695Z","times_seen":2039,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/chunks/app/contact/page-81c46fd4bd37d7c8.js","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"643dd64c1d9d52d76af939094ffe6548","sha1":"acbafe1ab29085b945182f279c8ad2bb89f275e9","sha256":"f69b12fee69d026f3c8a9da9242fb1e7bf550f9b5688a9ad7d6aa488b3833e27","sha512":"eea6c6f966bbb19237f280f17caab7f1cbe5f746bd203b7d79beed9262cc7d127fb1a5932fffb6230ccfeca0fc1183ad1ce4f6ef2dcc44692fbfac0182624e2a","ssdeep":"96:YBNYQnOwO5Rw3suRd6L4jGVA+X01rh6wUwybcPUvQEBAd7A6:6Y6BBHjGVNUdpyb3vbF6","tlshash":"95f11024e566aadcb43ac44c62dfa40cb11f334af9064864f9a4785e03ed9d87613ff9","size":7835,"data":"","first_seen":"2026-06-28T10:12:08.752003Z","last_seen":"2026-07-05T09:54:23.295868Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/chunks/app/faq/page-d8edd8edab596922.js","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2260fa657c2329a7c6df359bbc29c2d8","sha1":"b552a61ea1128c65162102a6ae6eecea63fc47ed","sha256":"a43601ed58751be7a245eaa1c9be36111856a20a5914df24235b5159558144ed","sha512":"7136dbacda28c61dd9e8cab8e483adeb9b53370ffb7e3bba33754a780e923320185d9e34f4a2be86b9ab7a962d4039b22db12af6990df1aa637ba7556da9f0e5","ssdeep":"96:EU35sO3QDnMivoP+i/TMJW0REP2a2naCt1/ZyeTPhifmy3gfZxItde4tJeHu6:EU35sO3QDHvGP/TSWp2XaM/Zyezhifxs","tlshash":"ddc1858ef784fb24966b10d8507fa50eb23b6e5cba691ca4b4f5545827a01d87333bcc","size":5811,"data":"","first_seen":"2026-06-28T10:12:08.749303Z","last_seen":"2026-07-05T09:54:23.286514Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/chunks/app/page-b588f9e00b746ee2.js","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a8d17564cea4943607b09d2d67a39cf0","sha1":"2e3c9b1507162a09aedb2e1f7e8244273f91827b","sha256":"cac3a558e964665f95f414e00f47fa6e19085098beba7f568235a587c04decb6","sha512":"5c2a2e3e9a62fd0d6ea156d06a1f185917d378ed6b5269b6e72f77285f74977fe445a5ca563803038c77f9bb891dd7179d499fb4e30cb72a27cd40fabcd1bfbe","ssdeep":"192:RunF6ZF7f0pOVyzikhpGqoELSS/pvDWkh2IfowOMAgMkmud6:RunOF7f08VkhsXELSSpDWW2Ifow79MkC","tlshash":"b542c41cf5d5bbaca03b1994616fe41db07b3744e9100ca0a1fab86507519e8bb7bbcc","size":12149,"data":"","first_seen":"2026-06-28T10:12:08.778197Z","last_seen":"2026-07-05T09:54:23.290856Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/chunks/119-ee6941a1f348fb91.js","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"638b1c228c7e36f05486238582754408","sha1":"f1aa59630856293b48f97f920c25059ae0039464","sha256":"1c0e2cb9610b5425641c552a5c124f2b4dff633b361007e6ef0e023d60649239","sha512":"e16b346fdd2056f6c3c1f6604df362f49de3c0e00dce0686190f4bf33aa2ffa49e9deed24cd4a84a2ef081110b41c573718b81e7be8a28b2f17580ae08445d77","ssdeep":"384:ymNOFIljr2+5BHha7zoNeTqJqoPJGjkWDMAu6ANBLsKi2jyWKWXQlHw2blCfcH7Y:ymNG8JhanoFEoPo0l6ANBLJznXQRwTk8","tlshash":"e2e2c7a977f3f0260bee5195103b2403f77d5688084c442cf278a9dbb9a584a91fbf79","size":32084,"data":"","first_seen":"2026-07-05T09:54:23.288574Z","last_seen":"2026-07-05T09:54:23.288574Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/chunks/52-d26559b4b1981155.js","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"7923047464dd11b3a3f99ac89f20c36d","sha1":"38a48277afd6bc170dc253ffbc21637e882e77f6","sha256":"67b7e6aef1e19335865032e7151035fe676678df4b540ea89fa9d875ba14f420","sha512":"b572f27b3e0fee914c6d2871822a93f926c1ac84f1b051c35f7f70034f1e95078c08d32aff4590166ca2cf35be5a26380f02dd2beb0f954403a19bd87b61c357","ssdeep":"1536:fpSjegDG24kizgnkEIzODZgNG8tj0DhKgwPNEb7SFlIU9El0lW7L3:HzGlIeeIxoV+04","tlshash":"66c3f9da73617125c3db5199c0af0b41b33b19d8240a403cb6bda9cb686095e62fbf7d","size":124611,"data":"","first_seen":"2026-06-28T10:12:08.756355Z","last_seen":"2026-07-05T09:54:23.296871Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/chunks/457b8330-725750dc016b8476.js","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"9829725354ccc4755e36a628bc15ce06","sha1":"00a6bbd259f87137ad70b61070872b7ad9beb3fa","sha256":"27cb1bd48e81d834a999d21c25e6f658ef38d0b8083d21478df6eeda483c5789","sha512":"a519373ad87fd928ff940905f5225119488f716618310fb87e3c94b83e087c18a7239992381fb4d22ec94d020931467a88e900990a17732091fb5bad4c25ca06","ssdeep":"3072:wF9FrXhYDQGJ0J+tpJIJTJXJgJBJBJwJgJ4JCJNJQwGQyiFF6V3g/:sNhdGq+KdhGz/2uacrgQy66V3g/","tlshash":"c5c3e7593381f91353eea2d984768142f33919a42909043cfabcdce67865ac971fbfb4","size":128171,"data":"","first_seen":"2026-07-05T09:54:23.303025Z","last_seen":"2026-07-05T09:54:23.303025Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/chunks/972-8c0ee6fabcd1342f.js","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f4b13ad7edddc9f56fea315f7e3f1ff8","sha1":"15d90ae6649cd117e17f200e42aa02fa9f5e5126","sha256":"ba8d97dba2235cf174abe4e9a93fe5e75da8bc4799381cff8c38104bceb15941","sha512":"2d4063787640316d76dad78e3c0a3fd5f849b9bb7453da2f9c53f9fed4781ecc79cec92b3aa0b6e005473969580af38698e1ab9bf653e843f606b2d6982aa462","ssdeep":"384:05k1IdRMx3IG1DnLGRwqdggPG1kyDfLxvZKVSUENLd3NU7tpU2J91wMVG4x:akgRMxhdnLqkKByLX4tpU2ZhVJ","tlshash":"f1c2e8be71d2f8a2479b11a0443b1006f2be4caa145e6244f7b4c8dbf57056da1b3fad","size":26066,"data":"","first_seen":"2025-04-19T17:30:47.724841Z","last_seen":"2026-07-17T18:23:15.390761Z","times_seen":1267,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/chunks/fd9d1056-b11b2651f33aae7f.js","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d70ea42503ecdf865cc5b50951e7a260","sha1":"d6024cc44a508c5e42bccc99aa6939490273b3a3","sha256":"b8bddf9481d859d648e1e050f8322eb3defe3dd3f9bd13f4c44dd6f2ecf5ab80","sha512":"c38885a712287d6c88b14f3a78df8b03c671a1e8fe71ec680edad591b056eabd5cc510e7cf2b565d94779bbb258ca49068d31adb94d343d59c653c57e77035ee","ssdeep":"1536:PVjExazug79h2U4kcNxakmBjt4oGZlibTR5ikxYhlUuRNka2wblHiN+wL8z9Ggum:3zug758kkEiXjOAprX2wd5WjguGOK","tlshash":"50f3f8e83995f6666eb30277009f1803737c262b280d4d60a211fd9eb5b845eb17bfd9","size":172834,"data":"","first_seen":"2025-01-18T11:47:06.649614Z","last_seen":"2026-07-17T19:16:30.697613Z","times_seen":4239,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/chunks/app/policy/page-17371f9675fe4f8e.js","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"30209ba704ead5b795c155c7bf175957","sha1":"3937b252cfe2b270dc0006d4dc721382e8949579","sha256":"789396b837d66199928f8356390198798acdf9e9ead33347155d894410fc5c7c","sha512":"559e6d04e52b045b56130c70cb39a101ad01fd57184cf4409f0256416a03092287e22dc682fe16f877164275f0da3b1ba5996d758daf13ea9d5eecb7897c9906","ssdeep":"192:T4fpMl0CgyKECbVXSFQBvp0OeGINjycgf5e5c6TbazPXVrOC6K0Jn6:cuDJcX1N7cghe5cieByCn","tlshash":"6412b515b344b36697c701887a2f615ff13b262cbb6918b094f4c89d23529a8b377bd8","size":9382,"data":"","first_seen":"2026-06-28T10:12:08.745857Z","last_seen":"2026-07-05T09:54:23.307831Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"microsoftteamservice.org/","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-05T09:53:53.526Z","timestamp":1783245233526,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoftteamservice.org","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 10:35:04 GMT","end":"Thu, 24 Sep 2026 10:35:03 GMT"},"fingerprint":{"sha1":"B7:CA:74:00:E6:F0:B1:D4:E9:7E:E5:30:59:BD:4B:A4:22:F7:3A:80","sha256":"DA:C6:E4:97:D4:FC:C5:F7:52:39:96:61:85:2A:C9:3F:EE:2E:5D:17:6A:B9:7F:7F:AF:6F:DE:57:E5:CB:77:E4"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: microsoftteamservice.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nage: 344809\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Durable\"; hit; ttl=31191192, \"Next.js\"; hit, \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: text/html; charset=utf-8\r\ndate: Sun, 05 Jul 2026 09:53:54 GMT\r\netag: \"11k2ut989l5j6k-df\"\r\nnetlify-vary: query=__nextDataReq|_rsc,header=x-nextjs-data|x-next-debug-logging|next-router-prefetch|next-router-segment-prefetch|next-router-state-tree|next-url|rsc|accept-encoding,cookie=__prerender_bypass|__next_preview_data\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: RSC,Next-Router-State-Tree,Next-Router-Prefetch,Accept-Encoding\r\nx-content-type-options: nosniff\r\nx-nextjs-date: Wed, 01 Jul 2026 10:07:20 GMT\r\nx-nf-request-id: 01KWRV5QJQZ99R698V64RFTZMG\r\nx-powered-by: Next.js\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Next.js","description":"Next.js is a React framework for developing single page Javascript applications.","website":"https://nextjs.org","common_platform_enumeration":"cpe:2.3:a:zeit:next.js:*:*:*:*:*:*:*:*","icon":"Next.js.svg","categories":["JavaScript frameworks","Web frameworks"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"Webpack","description":"Webpack is an open-source JavaScript module bundler.","website":"https://webpack.js.org/","common_platform_enumeration":"","icon":"Webpack.svg","categories":["Miscellaneous"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":24896,"size_decoded":6049,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (24889), with no line terminators","md5":"b5efbca7da6a5d038ecfc1462a72b070","sha1":"d28e21896b7c543547bd58ea3e848b376a6359a3","sha256":"a4aba553d8fa75600fe6308a06848a80d8d0add002ef1240e35a66cac0aae166","sha512":"e3df5353f29cca7b8f475f226187ca8829e42af451cd7ec9f25e59329762c028e0d5b20bf656531a6c870cff79d63f7aa229a99b046feedbd3cc72db7edb8924","ssdeep":"384:Jo8OeMLHeXgEQue4YMJPkUP7gtoAQ2yEU6IOUyr:Jo8OeOHO0iP1P7gtW6HUw","tlshash":"13b2b739b608ee2dec936e48553f6e39649dc26b8359cd24c6accd3603c2979a753cc4","first_seen":"2026-07-05T09:54:23.283162Z","last_seen":"2026-07-05T09:54:23.283162Z","times_seen":1,"resource_available":true,"data":null}},"time_used":521,"timings":{"blocked":-1,"dns":42,"connect":1,"send":0,"wait":311,"receive":0,"ssl":167},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/css/ee45359932ddcbac.css","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://microsoftteamservice.org/","date":"2026-07-05T09:53:54.289Z","timestamp":1783245234289,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoftteamservice.org","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 10:35:04 GMT","end":"Thu, 24 Sep 2026 10:35:03 GMT"},"fingerprint":{"sha1":"B7:CA:74:00:E6:F0:B1:D4:E9:7E:E5:30:59:BD:4B:A4:22:F7:3A:80","sha256":"DA:C6:E4:97:D4:FC:C5:F7:52:39:96:61:85:2A:C9:3F:EE:2E:5D:17:6A:B9:7F:7F:AF:6F:DE:57:E5:CB:77:E4"}}},"request":{"raw":"GET /_next/static/css/ee45359932ddcbac.css HTTP/1.1\r\nHost: microsoftteamservice.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://microsoftteamservice.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=31536000,immutable\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Sun, 05 Jul 2026 09:53:54 GMT\r\netag: \"9f607250cd9978a0d7eee3609646da54-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KWRV5R40DB3AHVDT7V47DAYF\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":3949,"size_decoded":1689,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (3949), with no line terminators","md5":"a64e912ebf9b2c186122d8a6ea8d21e7","sha1":"e1dce3ff35c8cad12570f028b8a135507b64ca1d","sha256":"75bbbfae289fd2774bee1b35e73af83554207c342be818be6c812374fb6dfba8","sha512":"98e8cfd7948fa30a3491f95c30b8a00afa1c48bc46e701cf709b89feb808c5d48854094259dab2125ca186b4851a8865c73cc5687eee9682529eeab6ca1c92c7","ssdeep":"","tlshash":"698142beb558723ca803d51766d5984c8520bc83e863d7f9f513901ac8d76e3f6a2f08","first_seen":"2026-06-28T10:12:08.754394Z","last_seen":"2026-07-05T09:54:23.284533Z","times_seen":2,"resource_available":false,"data":null}},"time_used":331,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":331,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/policy?_rsc=19zvn","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://microsoftteamservice.org/","date":"2026-07-05T09:53:55.352Z","timestamp":1783245235352,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoftteamservice.org","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 10:35:04 GMT","end":"Thu, 24 Sep 2026 10:35:03 GMT"},"fingerprint":{"sha1":"B7:CA:74:00:E6:F0:B1:D4:E9:7E:E5:30:59:BD:4B:A4:22:F7:3A:80","sha256":"DA:C6:E4:97:D4:FC:C5:F7:52:39:96:61:85:2A:C9:3F:EE:2E:5D:17:6A:B9:7F:7F:AF:6F:DE:57:E5:CB:77:E4"}}},"request":{"raw":"GET /policy?_rsc=19zvn HTTP/1.1\r\nHost: microsoftteamservice.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://microsoftteamservice.org/\r\nRSC: 1\r\nNext-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nNext-Router-Prefetch: 1\r\nNext-Url: /\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nage: 344809\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Durable\"; hit; ttl=31191190, \"Next.js\"; hit, \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: text/x-component\r\ndate: Sun, 05 Jul 2026 09:53:55 GMT\r\netag: \"c0nho7hqd32nt-df\"\r\nnetlify-vary: query=__nextDataReq|_rsc,header=x-nextjs-data|x-next-debug-logging|next-router-prefetch|next-router-segment-prefetch|next-router-state-tree|next-url|rsc|accept-encoding,cookie=__prerender_bypass|__next_preview_data\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: RSC,Next-Router-State-Tree,Next-Router-Prefetch,Accept-Encoding\r\nx-content-type-options: nosniff\r\nx-nextjs-date: Wed, 01 Jul 2026 10:07:58 GMT\r\nx-nf-request-id: 01KWRV5S58VCGFTSB0F5C4EQC0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":3449,"size_decoded":2041,"mime_type":"text/x-component","magic":"ASCII text, with very long lines (2384)","md5":"ae7e6477ddf99c043fb35335a4ce0e19","sha1":"7dec7c0a42bd05a3a90af5fe3321f2ef22075338","sha256":"8d424423ef6c9fc1a844077a7f761129bd615d65018c8a0417f8ca1b7b6460fe","sha512":"a588a83657dbce5345a125a925ce9c4db97f5ce389e36dec9bbe20404b76ac3e33c8594c5882e3b6a38d849e412a898f4e4c08c4b16c38670121d0cede377d76","ssdeep":"","tlshash":"b961033a5b05e93aaebb82d0451fd709e19d897723200df1cadd5e2d039523a7b8f6d0","first_seen":"2026-07-05T09:54:23.285542Z","last_seen":"2026-07-05T09:54:23.285542Z","times_seen":1,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":240,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/chunks/app/faq/page-d8edd8edab596922.js","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://microsoftteamservice.org/","date":"2026-07-05T09:53:55.548Z","timestamp":1783245235548,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoftteamservice.org","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 10:35:04 GMT","end":"Thu, 24 Sep 2026 10:35:03 GMT"},"fingerprint":{"sha1":"B7:CA:74:00:E6:F0:B1:D4:E9:7E:E5:30:59:BD:4B:A4:22:F7:3A:80","sha256":"DA:C6:E4:97:D4:FC:C5:F7:52:39:96:61:85:2A:C9:3F:EE:2E:5D:17:6A:B9:7F:7F:AF:6F:DE:57:E5:CB:77:E4"}}},"request":{"raw":"GET /_next/static/chunks/app/faq/page-d8edd8edab596922.js HTTP/1.1\r\nHost: microsoftteamservice.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://microsoftteamservice.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=31536000,immutable\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 05 Jul 2026 09:53:55 GMT\r\netag: \"6c862ae3ab9fa8c6719c9e572774f5f1-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KWRV5SB8ZQSFVJ5KBCVVRQD7\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":5811,"size_decoded":2888,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (5811), with no line terminators","md5":"2260fa657c2329a7c6df359bbc29c2d8","sha1":"b552a61ea1128c65162102a6ae6eecea63fc47ed","sha256":"a43601ed58751be7a245eaa1c9be36111856a20a5914df24235b5159558144ed","sha512":"7136dbacda28c61dd9e8cab8e483adeb9b53370ffb7e3bba33754a780e923320185d9e34f4a2be86b9ab7a962d4039b22db12af6990df1aa637ba7556da9f0e5","ssdeep":"96:EU35sO3QDnMivoP+i/TMJW0REP2a2naCt1/ZyeTPhifmy3gfZxItde4tJeHu6:EU35sO3QDHvGP/TSWp2XaM/Zyezhifxs","tlshash":"ddc1858ef784fb24966b10d8507fa50eb23b6e5cba691ca4b4f5545827a01d87333bcc","first_seen":"2026-06-28T10:12:08.749303Z","last_seen":"2026-07-05T09:54:23.286514Z","times_seen":2,"resource_available":true,"data":null}},"time_used":254,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":254,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/faq?_rsc=19zvn","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://microsoftteamservice.org/","date":"2026-07-05T09:53:55.356Z","timestamp":1783245235356,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoftteamservice.org","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 10:35:04 GMT","end":"Thu, 24 Sep 2026 10:35:03 GMT"},"fingerprint":{"sha1":"B7:CA:74:00:E6:F0:B1:D4:E9:7E:E5:30:59:BD:4B:A4:22:F7:3A:80","sha256":"DA:C6:E4:97:D4:FC:C5:F7:52:39:96:61:85:2A:C9:3F:EE:2E:5D:17:6A:B9:7F:7F:AF:6F:DE:57:E5:CB:77:E4"}}},"request":{"raw":"GET /faq?_rsc=19zvn HTTP/1.1\r\nHost: microsoftteamservice.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://microsoftteamservice.org/\r\nRSC: 1\r\nNext-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nNext-Router-Prefetch: 1\r\nNext-Url: /\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nage: 344809\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Durable\"; hit; ttl=31191190, \"Next.js\"; hit, \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: text/x-component\r\ndate: Sun, 05 Jul 2026 09:53:55 GMT\r\netag: \"ewzb5tpom22nh-df\"\r\nnetlify-vary: query=__nextDataReq|_rsc,header=x-nextjs-data|x-next-debug-logging|next-router-prefetch|next-router-segment-prefetch|next-router-state-tree|next-url|rsc|accept-encoding,cookie=__prerender_bypass|__next_preview_data\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: RSC,Next-Router-State-Tree,Next-Router-Prefetch,Accept-Encoding\r\nx-content-type-options: nosniff\r\nx-nextjs-date: Wed, 01 Jul 2026 10:07:58 GMT\r\nx-nf-request-id: 01KWRV5S5B6Z8M775SNHJG4GTW\r\ncontent-length: 1217\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":3437,"size_decoded":2034,"mime_type":"text/x-component","magic":"ASCII text, with very long lines (2375)","md5":"bc15eb1ef61075e02d235f346cfab255","sha1":"cdc6ee28c89d6e2a906ea8d76276bf2fe9ae3a02","sha256":"4246cb3f415ace54a36cb1a0f3568c0d3b82567719a675f90bae9170ea69a541","sha512":"e34fa111ce7e6561797e56b62adf726912f44cc0c4d1a81cdab2fb403e3037b44d10367b5556bc6f0ab8e329250e6fc69c0eb9044e19bb938e9d0e254c45af5e","ssdeep":"","tlshash":"2d6102365b05e97baebb82d0451fd70aa19d893723200df1cadd5e2d039523a6b8f6d0","first_seen":"2026-07-05T09:54:23.287539Z","last_seen":"2026-07-05T09:54:23.287539Z","times_seen":1,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":185,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/chunks/119-ee6941a1f348fb91.js","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://microsoftteamservice.org/","date":"2026-07-05T09:53:54.312Z","timestamp":1783245234312,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoftteamservice.org","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 10:35:04 GMT","end":"Thu, 24 Sep 2026 10:35:03 GMT"},"fingerprint":{"sha1":"B7:CA:74:00:E6:F0:B1:D4:E9:7E:E5:30:59:BD:4B:A4:22:F7:3A:80","sha256":"DA:C6:E4:97:D4:FC:C5:F7:52:39:96:61:85:2A:C9:3F:EE:2E:5D:17:6A:B9:7F:7F:AF:6F:DE:57:E5:CB:77:E4"}}},"request":{"raw":"GET /_next/static/chunks/119-ee6941a1f348fb91.js HTTP/1.1\r\nHost: microsoftteamservice.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://microsoftteamservice.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=31536000,immutable\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 05 Jul 2026 09:53:54 GMT\r\netag: \"3c1bf1e93490d25130e25678d229f13a-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KWRV5R4NBQVHEMQ5JSKZF1FG\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":32084,"size_decoded":10745,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (32084), with no line terminators","md5":"638b1c228c7e36f05486238582754408","sha1":"f1aa59630856293b48f97f920c25059ae0039464","sha256":"1c0e2cb9610b5425641c552a5c124f2b4dff633b361007e6ef0e023d60649239","sha512":"e16b346fdd2056f6c3c1f6604df362f49de3c0e00dce0686190f4bf33aa2ffa49e9deed24cd4a84a2ef081110b41c573718b81e7be8a28b2f17580ae08445d77","ssdeep":"384:ymNOFIljr2+5BHha7zoNeTqJqoPJGjkWDMAu6ANBLsKi2jyWKWXQlHw2blCfcH7Y:ymNG8JhanoFEoPo0l6ANBLJznXQRwTk8","tlshash":"e2e2c7a977f3f0260bee5195103b2403f77d5688084c442cf278a9dbb9a584a91fbf79","first_seen":"2026-07-05T09:54:23.288574Z","last_seen":"2026-07-05T09:54:23.288574Z","times_seen":1,"resource_available":true,"data":null}},"time_used":344,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":344,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/chunks/webpack-a38551aa898b767a.js","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://microsoftteamservice.org/","date":"2026-07-05T09:53:54.297Z","timestamp":1783245234297,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoftteamservice.org","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 10:35:04 GMT","end":"Thu, 24 Sep 2026 10:35:03 GMT"},"fingerprint":{"sha1":"B7:CA:74:00:E6:F0:B1:D4:E9:7E:E5:30:59:BD:4B:A4:22:F7:3A:80","sha256":"DA:C6:E4:97:D4:FC:C5:F7:52:39:96:61:85:2A:C9:3F:EE:2E:5D:17:6A:B9:7F:7F:AF:6F:DE:57:E5:CB:77:E4"}}},"request":{"raw":"GET /_next/static/chunks/webpack-a38551aa898b767a.js HTTP/1.1\r\nHost: microsoftteamservice.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://microsoftteamservice.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=31536000,immutable\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 05 Jul 2026 09:53:54 GMT\r\netag: \"9149af76a6904bb9e4e8752da2030182-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KWRV5R46XCVMQ9DJ9RHYH0J3\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3786,"size_decoded":2175,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (3786), with no line terminators","md5":"7ddca981c1bf8a7de5a17831e3c71fa1","sha1":"f155ac1e5ed3d5e0db823a55bb52320aeedcd4cb","sha256":"69d29bcb5b8592d7296b54633d8e2e4c00f77112368f2bc2791eb7b8527d4fe9","sha512":"f5c01189108f0289b9ce1d2da825a25f826f70f1a5a2a698c095ec432ff69cdc508768e210a374e77a640f7afdb8e5d6747e4adbc774e4fa6ae794f70f7428a9","ssdeep":"","tlshash":"0e7198dd71a1f8b91783a4a1043fa15af13f28b2281ed4a0db25d4f5fc745498223fa9","first_seen":"2026-06-28T10:12:08.74037Z","last_seen":"2026-07-05T09:54:23.289461Z","times_seen":2,"resource_available":true,"data":null}},"time_used":352,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":352,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/chunks/main-app-f1e2f05f66ca4fbd.js","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://microsoftteamservice.org/","date":"2026-07-05T09:53:54.302Z","timestamp":1783245234302,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoftteamservice.org","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 10:35:04 GMT","end":"Thu, 24 Sep 2026 10:35:03 GMT"},"fingerprint":{"sha1":"B7:CA:74:00:E6:F0:B1:D4:E9:7E:E5:30:59:BD:4B:A4:22:F7:3A:80","sha256":"DA:C6:E4:97:D4:FC:C5:F7:52:39:96:61:85:2A:C9:3F:EE:2E:5D:17:6A:B9:7F:7F:AF:6F:DE:57:E5:CB:77:E4"}}},"request":{"raw":"GET /_next/static/chunks/main-app-f1e2f05f66ca4fbd.js HTTP/1.1\r\nHost: microsoftteamservice.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://microsoftteamservice.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=31536000,immutable\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 05 Jul 2026 09:53:54 GMT\r\netag: \"cd470a9f5233f47bb22775d7589e79b7-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KWRV5R4C2TEZT1RFWKENS8EM\r\ncontent-length: 461\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":461,"size_decoded":880,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (461), with no line terminators","md5":"16227d6bd4403f06ac099ecc79853c06","sha1":"ea304ae2eeece4008e8bde6fc78a378b1d362408","sha256":"db4753738b8bc2046e538149eccc1a7d5824c0e0823a65ec8e0eab547a51c7dd","sha512":"8a98d38e4fe773b331338df94d83e71c42a5d062cf610691c4453a490a500a4c4543f45711bc538fe30dfc0d1db2e6f37a425bc5bf4fad62db3e5081adc8308c","ssdeep":"","tlshash":"28f08c9a2b4cb02f3923ad24fdd36c2e256e816428a718501a04ddb12c33bac93f1c38","first_seen":"2024-12-09T02:34:22.400353Z","last_seen":"2026-07-14T01:57:37.844061Z","times_seen":71,"resource_available":true,"data":null}},"time_used":230,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":230,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/chunks/app/page-b588f9e00b746ee2.js","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://microsoftteamservice.org/","date":"2026-07-05T09:53:54.309Z","timestamp":1783245234309,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoftteamservice.org","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 10:35:04 GMT","end":"Thu, 24 Sep 2026 10:35:03 GMT"},"fingerprint":{"sha1":"B7:CA:74:00:E6:F0:B1:D4:E9:7E:E5:30:59:BD:4B:A4:22:F7:3A:80","sha256":"DA:C6:E4:97:D4:FC:C5:F7:52:39:96:61:85:2A:C9:3F:EE:2E:5D:17:6A:B9:7F:7F:AF:6F:DE:57:E5:CB:77:E4"}}},"request":{"raw":"GET /_next/static/chunks/app/page-b588f9e00b746ee2.js HTTP/1.1\r\nHost: microsoftteamservice.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://microsoftteamservice.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=31536000,immutable\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 05 Jul 2026 09:53:54 GMT\r\netag: \"537dcbdab7b70b66ad7d27464be468dd-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KWRV5R4JF0A5HAC028QG1E04\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":12149,"size_decoded":4619,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (12141), with no line terminators","md5":"a8d17564cea4943607b09d2d67a39cf0","sha1":"2e3c9b1507162a09aedb2e1f7e8244273f91827b","sha256":"cac3a558e964665f95f414e00f47fa6e19085098beba7f568235a587c04decb6","sha512":"5c2a2e3e9a62fd0d6ea156d06a1f185917d378ed6b5269b6e72f77285f74977fe445a5ca563803038c77f9bb891dd7179d499fb4e30cb72a27cd40fabcd1bfbe","ssdeep":"192:RunF6ZF7f0pOVyzikhpGqoELSS/pvDWkh2IfowOMAgMkmud6:RunOF7f08VkhsXELSSpDWW2Ifow79MkC","tlshash":"b542c41cf5d5bbaca03b1994616fe41db07b3744e9100ca0a1fab86507519e8bb7bbcc","first_seen":"2026-06-28T10:12:08.778197Z","last_seen":"2026-07-05T09:54:23.290856Z","times_seen":2,"resource_available":true,"data":null}},"time_used":353,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":353,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.jsonbin.io/v3/b/6a3c2574f5f4af5e292a7611/latest","fqdn":"api.jsonbin.io","domain":"jsonbin.io","tld":"io"},"ip":{"addr":"172.67.176.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://microsoftteamservice.org/","date":"2026-07-05T09:53:55.347Z","timestamp":1783245235347,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsonbin.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 08 May 2026 23:57:30 GMT","end":"Fri, 07 Aug 2026 00:57:26 GMT"},"fingerprint":{"sha1":"BE:7B:3C:30:77:36:E9:33:25:40:35:51:73:6B:BE:9C:7D:30:5E:99","sha256":"CD:A4:3B:DA:C4:35:E4:E5:30:47:02:36:B9:30:C6:59:1D:35:85:88:3A:F0:2E:92:B2:AC:CB:02:DA:3F:A7:D6"}}},"request":{"raw":"OPTIONS /v3/b/6a3c2574f5f4af5e292a7611/latest HTTP/1.1\r\nHost: api.jsonbin.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nAccess-Control-Request-Method: GET\r\nAccess-Control-Request-Headers: cache-control,x-master-key\r\nReferer: https://microsoftteamservice.org/\r\nOrigin: https://microsoftteamservice.org\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 204 \r\nserver: cloudflare\r\ndate: Sun, 05 Jul 2026 09:53:55 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\nvary: Access-Control-Request-Headers\r\naccess-control-allow-headers: cache-control,x-master-key\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ipyAoDLnP6yrYhEq6GRhcexqnnO9Y4x8y%2BlpBV%2FYnqs7XwUrewt48qT4Wik15LXcb%2FhIf%2BXc3GgrQgFZvTdYMptwSX%2BRP7EPhswhOGMHE%2Fwvvb%2BgvpCugrqildjG30Wfpg%3D%3D\"}]}\r\ncf-ray: a1657c410e015694-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":0,"size_decoded":749,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-17T22:40:27.187426Z","times_seen":17324316,"resource_available":true,"data":null}},"time_used":228,"timings":{"blocked":-1,"dns":0,"connect":18,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/chunks/app/layout-1585a9a344401036.js","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://microsoftteamservice.org/","date":"2026-07-05T09:53:54.313Z","timestamp":1783245234313,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoftteamservice.org","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 10:35:04 GMT","end":"Thu, 24 Sep 2026 10:35:03 GMT"},"fingerprint":{"sha1":"B7:CA:74:00:E6:F0:B1:D4:E9:7E:E5:30:59:BD:4B:A4:22:F7:3A:80","sha256":"DA:C6:E4:97:D4:FC:C5:F7:52:39:96:61:85:2A:C9:3F:EE:2E:5D:17:6A:B9:7F:7F:AF:6F:DE:57:E5:CB:77:E4"}}},"request":{"raw":"GET /_next/static/chunks/app/layout-1585a9a344401036.js HTTP/1.1\r\nHost: microsoftteamservice.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://microsoftteamservice.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=31536000,immutable\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 05 Jul 2026 09:53:54 GMT\r\netag: \"6af7ad34a3eed4e4c87f88b4f99e310e-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KWRV5R4S53WSJA4S0C4256B9\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":5571,"size_decoded":2238,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (5565), with no line terminators","md5":"48c3d00f64e89c6722723c32f6b04ce3","sha1":"5b766e1e0d1bd99e8f31e66c8e1f959c057e0031","sha256":"332ed16269aaef14d14cf79cffe51b6f7e853c898f647423eb85122fcb29934d","sha512":"9c71a2b36e4d3c4072a366ca24399112e5890ad867cd98d696e9bc6c52ffc8f0bddbcb5b7072c0cc0a960d0703ebfb1fdf81e237b0fa2a3e490279ec288f86ab","ssdeep":"96:Ddw5umG8/EwdkXbD34v2HqYWqvTqHYn2kSYf+DDKRmZk5RJbOuMV7Z6:Dg8VW4hRmy9MV7Z6","tlshash":"91b1222db4e6ffd8781908883e1f980c726f664c59481db57bace88545976d8f243fc8","first_seen":"2026-07-05T09:54:23.293601Z","last_seen":"2026-07-05T09:54:23.293601Z","times_seen":1,"resource_available":true,"data":null}},"time_used":315,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":315,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/modern_work.png","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://microsoftteamservice.org/","date":"2026-07-05T09:53:54.322Z","timestamp":1783245234322,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoftteamservice.org","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 10:35:04 GMT","end":"Thu, 24 Sep 2026 10:35:03 GMT"},"fingerprint":{"sha1":"B7:CA:74:00:E6:F0:B1:D4:E9:7E:E5:30:59:BD:4B:A4:22:F7:3A:80","sha256":"DA:C6:E4:97:D4:FC:C5:F7:52:39:96:61:85:2A:C9:3F:EE:2E:5D:17:6A:B9:7F:7F:AF:6F:DE:57:E5:CB:77:E4"}}},"request":{"raw":"GET /modern_work.png HTTP/1.1\r\nHost: microsoftteamservice.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://microsoftteamservice.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/png\r\ndate: Sun, 05 Jul 2026 09:53:54 GMT\r\netag: \"15eae39ab0bb0075a82ac75eba6b636e-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KWRV5R4ZYXSRNER6YZE3A8YQ\r\ncontent-length: 802223\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":802223,"size_decoded":802616,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1024x1024, components 3","md5":"be6ea51b500c9e96dc0edbe3ab553a25","sha1":"8b3a03b05262e437a5b6aca3d720b9208dce5b34","sha256":"7ac76dae5c0dd871a0663a45ad0e7cdb1dfdb805223124bbc66cae4fb4b23209","sha512":"a5abd2306a78b295f82af626a567d27e6c5743b2000b0598a01121b91821999346fdf63272661f99e640104a3fe0aad6b2b4bd82b69f10ab3c559060599474f8","ssdeep":"24576:4vFkLX+vZpYjh4JnyJO/4hjixa+zem+qJ:caLX+BOhmyJTji425+qJ","tlshash":"d20533592d8e09f74f2a83389a1b53a7fe702706715b70666630a0cdcd8ffc79058a76","first_seen":"2026-06-28T10:12:08.782106Z","last_seen":"2026-07-05T09:54:23.29457Z","times_seen":2,"resource_available":false,"data":null}},"time_used":580,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":358,"receive":222,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/chunks/app/contact/page-81c46fd4bd37d7c8.js","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://microsoftteamservice.org/","date":"2026-07-05T09:53:55.540Z","timestamp":1783245235540,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoftteamservice.org","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 10:35:04 GMT","end":"Thu, 24 Sep 2026 10:35:03 GMT"},"fingerprint":{"sha1":"B7:CA:74:00:E6:F0:B1:D4:E9:7E:E5:30:59:BD:4B:A4:22:F7:3A:80","sha256":"DA:C6:E4:97:D4:FC:C5:F7:52:39:96:61:85:2A:C9:3F:EE:2E:5D:17:6A:B9:7F:7F:AF:6F:DE:57:E5:CB:77:E4"}}},"request":{"raw":"GET /_next/static/chunks/app/contact/page-81c46fd4bd37d7c8.js HTTP/1.1\r\nHost: microsoftteamservice.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://microsoftteamservice.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=31536000,immutable\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 05 Jul 2026 09:53:55 GMT\r\netag: \"64dc5985eb355fe60023e59bad269e46-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KWRV5SB1N3GE4EYVA89KAWJZ\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7835,"size_decoded":3172,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (7649), with no line terminators","md5":"643dd64c1d9d52d76af939094ffe6548","sha1":"acbafe1ab29085b945182f279c8ad2bb89f275e9","sha256":"f69b12fee69d026f3c8a9da9242fb1e7bf550f9b5688a9ad7d6aa488b3833e27","sha512":"eea6c6f966bbb19237f280f17caab7f1cbe5f746bd203b7d79beed9262cc7d127fb1a5932fffb6230ccfeca0fc1183ad1ce4f6ef2dcc44692fbfac0182624e2a","ssdeep":"96:YBNYQnOwO5Rw3suRd6L4jGVA+X01rh6wUwybcPUvQEBAd7A6:6Y6BBHjGVNUdpyb3vbF6","tlshash":"95f11024e566aadcb43ac44c62dfa40cb11f334af9064864f9a4785e03ed9d87613ff9","first_seen":"2026-06-28T10:12:08.752003Z","last_seen":"2026-07-05T09:54:23.295868Z","times_seen":2,"resource_available":true,"data":null}},"time_used":238,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":238,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/chunks/52-d26559b4b1981155.js","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://microsoftteamservice.org/","date":"2026-07-05T09:53:54.305Z","timestamp":1783245234305,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoftteamservice.org","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 10:35:04 GMT","end":"Thu, 24 Sep 2026 10:35:03 GMT"},"fingerprint":{"sha1":"B7:CA:74:00:E6:F0:B1:D4:E9:7E:E5:30:59:BD:4B:A4:22:F7:3A:80","sha256":"DA:C6:E4:97:D4:FC:C5:F7:52:39:96:61:85:2A:C9:3F:EE:2E:5D:17:6A:B9:7F:7F:AF:6F:DE:57:E5:CB:77:E4"}}},"request":{"raw":"GET /_next/static/chunks/52-d26559b4b1981155.js HTTP/1.1\r\nHost: microsoftteamservice.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://microsoftteamservice.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=31536000,immutable\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 05 Jul 2026 09:53:54 GMT\r\netag: \"1fd74602c382ea80d9e83e3d5cb40638-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KWRV5R4EWS0SXPAN5ERQRK1Q\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":124611,"size_decoded":39736,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"7923047464dd11b3a3f99ac89f20c36d","sha1":"38a48277afd6bc170dc253ffbc21637e882e77f6","sha256":"67b7e6aef1e19335865032e7151035fe676678df4b540ea89fa9d875ba14f420","sha512":"b572f27b3e0fee914c6d2871822a93f926c1ac84f1b051c35f7f70034f1e95078c08d32aff4590166ca2cf35be5a26380f02dd2beb0f954403a19bd87b61c357","ssdeep":"1536:fpSjegDG24kizgnkEIzODZgNG8tj0DhKgwPNEb7SFlIU9El0lW7L3:HzGlIeeIxoV+04","tlshash":"66c3f9da73617125c3db5199c0af0b41b33b19d8240a403cb6bda9cb686095e62fbf7d","first_seen":"2026-06-28T10:12:08.756355Z","last_seen":"2026-07-05T09:54:23.296871Z","times_seen":2,"resource_available":true,"data":null}},"time_used":438,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":438,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/chunks/489-6140d27000379ccc.js","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://microsoftteamservice.org/","date":"2026-07-05T09:53:54.307Z","timestamp":1783245234307,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoftteamservice.org","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 10:35:04 GMT","end":"Thu, 24 Sep 2026 10:35:03 GMT"},"fingerprint":{"sha1":"B7:CA:74:00:E6:F0:B1:D4:E9:7E:E5:30:59:BD:4B:A4:22:F7:3A:80","sha256":"DA:C6:E4:97:D4:FC:C5:F7:52:39:96:61:85:2A:C9:3F:EE:2E:5D:17:6A:B9:7F:7F:AF:6F:DE:57:E5:CB:77:E4"}}},"request":{"raw":"GET /_next/static/chunks/489-6140d27000379ccc.js HTTP/1.1\r\nHost: microsoftteamservice.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://microsoftteamservice.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=31536000,immutable\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 05 Jul 2026 09:53:54 GMT\r\netag: \"9831f5c67bfa407264d7f66023e4f075-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KWRV5R4HAJECWV69QJBVT6B1\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7218,"size_decoded":3367,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (7218), with no line terminators","md5":"0c293bdfceb41d2d136f8b502482fbb0","sha1":"b44c90f8bf27af6c31532d3eb00c369687b4a3b9","sha256":"20e38091eca1800a8676cfae385cb4a12e0ca20677548f3301fc96a5913bcbc5","sha512":"092fbe624aa10f80f1042a7b9c9367a22ae1ff6734f5a463057d27b0a80b284d2b4ad2bba7b8ca933b06a760555e14f4cdf68fb012f6312e8484632606a555de","ssdeep":"192:6mbPjW2ZGr6Got/LhQO9GqCqzzFHvIyDKljB:tvW2ZD3V9fJDuF","tlshash":"73e1b86a73c1346aa35ec156852b4009a7bf3668364f0820f16e7cae67105c590f3fde","first_seen":"2026-06-28T10:12:08.758424Z","last_seen":"2026-07-05T09:54:23.297763Z","times_seen":2,"resource_available":true,"data":null}},"time_used":341,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":341,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/contracts?_rsc=19zvn","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://microsoftteamservice.org/","date":"2026-07-05T09:53:55.349Z","timestamp":1783245235349,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoftteamservice.org","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 10:35:04 GMT","end":"Thu, 24 Sep 2026 10:35:03 GMT"},"fingerprint":{"sha1":"B7:CA:74:00:E6:F0:B1:D4:E9:7E:E5:30:59:BD:4B:A4:22:F7:3A:80","sha256":"DA:C6:E4:97:D4:FC:C5:F7:52:39:96:61:85:2A:C9:3F:EE:2E:5D:17:6A:B9:7F:7F:AF:6F:DE:57:E5:CB:77:E4"}}},"request":{"raw":"GET /contracts?_rsc=19zvn HTTP/1.1\r\nHost: microsoftteamservice.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://microsoftteamservice.org/\r\nRSC: 1\r\nNext-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nNext-Router-Prefetch: 1\r\nNext-Url: /\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nage: 344809\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Durable\"; hit; ttl=31191190, \"Next.js\"; hit, \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: text/x-component\r\ndate: Sun, 05 Jul 2026 09:53:55 GMT\r\netag: \"124vd7fqkt8r4a-df\"\r\nnetlify-vary: query=__nextDataReq|_rsc,header=x-nextjs-data|x-next-debug-logging|next-router-prefetch|next-router-segment-prefetch|next-router-state-tree|next-url|rsc|accept-encoding,cookie=__prerender_bypass|__next_preview_data\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: RSC,Next-Router-State-Tree,Next-Router-Prefetch,Accept-Encoding\r\nx-content-type-options: nosniff\r\nx-nextjs-date: Wed, 01 Jul 2026 10:07:58 GMT\r\nx-nf-request-id: 01KWRV5S573DQ0KN1YSC9ZKYX4\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":35170,"size_decoded":5726,"mime_type":"text/x-component","magic":"Unicode text, UTF-8 text, with very long lines (33595)","md5":"a7bb53482d0847d9f15b3ac43664c2f5","sha1":"60f4bb8f40b19940600f09e7602db7f3e80fa49d","sha256":"9795c47f5750032dafe67042e47cd6f455f8cff12e2fabb2e9d73db210e80711","sha512":"8acbf9e306da91a5197216e2041adde0423f9de69e25ec31a41296816faabc86695cade74afb051ec2bf6a360a3bbb133c0cffda786b7be350f39a366c2b121b","ssdeep":"768:Bp8IuEBfU9Bam6T+EfcnrZm8ufYZzYm89UAEUkxAL2:Bp8IuElUAEUcAi","tlshash":"78f20e3e4b299dbc7e2f5085555fd70a6aae413f67883eb282fdae34439113878132c5","first_seen":"2026-07-05T09:54:23.298655Z","last_seen":"2026-07-05T09:54:23.298655Z","times_seen":1,"resource_available":false,"data":null}},"time_used":178,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":178,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/chunks/fd9d1056-b11b2651f33aae7f.js","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://microsoftteamservice.org/","date":"2026-07-05T09:53:54.299Z","timestamp":1783245234299,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoftteamservice.org","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 10:35:04 GMT","end":"Thu, 24 Sep 2026 10:35:03 GMT"},"fingerprint":{"sha1":"B7:CA:74:00:E6:F0:B1:D4:E9:7E:E5:30:59:BD:4B:A4:22:F7:3A:80","sha256":"DA:C6:E4:97:D4:FC:C5:F7:52:39:96:61:85:2A:C9:3F:EE:2E:5D:17:6A:B9:7F:7F:AF:6F:DE:57:E5:CB:77:E4"}}},"request":{"raw":"GET /_next/static/chunks/fd9d1056-b11b2651f33aae7f.js HTTP/1.1\r\nHost: microsoftteamservice.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://microsoftteamservice.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=31536000,immutable\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 05 Jul 2026 09:53:54 GMT\r\netag: \"03db6ec2a281fabccea9ef90b568a54b-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KWRV5R489214RJ6S4BHN7T59\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":172834,"size_decoded":52059,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"d70ea42503ecdf865cc5b50951e7a260","sha1":"d6024cc44a508c5e42bccc99aa6939490273b3a3","sha256":"b8bddf9481d859d648e1e050f8322eb3defe3dd3f9bd13f4c44dd6f2ecf5ab80","sha512":"c38885a712287d6c88b14f3a78df8b03c671a1e8fe71ec680edad591b056eabd5cc510e7cf2b565d94779bbb258ca49068d31adb94d343d59c653c57e77035ee","ssdeep":"1536:PVjExazug79h2U4kcNxakmBjt4oGZlibTR5ikxYhlUuRNka2wblHiN+wL8z9Ggum:3zug758kkEiXjOAprX2wd5WjguGOK","tlshash":"50f3f8e83995f6666eb30277009f1803737c262b280d4d60a211fd9eb5b845eb17bfd9","first_seen":"2025-01-18T11:47:06.649614Z","last_seen":"2026-07-17T19:16:30.697613Z","times_seen":4239,"resource_available":true,"data":null}},"time_used":329,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":329,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/chunks/117-4f5b424f20efdcae.js","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://microsoftteamservice.org/","date":"2026-07-05T09:53:54.301Z","timestamp":1783245234301,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoftteamservice.org","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 10:35:04 GMT","end":"Thu, 24 Sep 2026 10:35:03 GMT"},"fingerprint":{"sha1":"B7:CA:74:00:E6:F0:B1:D4:E9:7E:E5:30:59:BD:4B:A4:22:F7:3A:80","sha256":"DA:C6:E4:97:D4:FC:C5:F7:52:39:96:61:85:2A:C9:3F:EE:2E:5D:17:6A:B9:7F:7F:AF:6F:DE:57:E5:CB:77:E4"}}},"request":{"raw":"GET /_next/static/chunks/117-4f5b424f20efdcae.js HTTP/1.1\r\nHost: microsoftteamservice.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://microsoftteamservice.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=31536000,immutable\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 05 Jul 2026 09:53:54 GMT\r\netag: \"aa892f4946cd098f7176d10788e16b78-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KWRV5R4AYW90XDWA45FV26KV\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":124364,"size_decoded":31035,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"d13e87eb771cb1dc6c862544c92dd720","sha1":"846bf0013f880dd962a499008ad7b3c7fba8937f","sha256":"7bd6f41cfe0ce8b68c0fcfc0c580bf3f21c9d7b49f22665e6b21bb5ef49b476a","sha512":"1ba96f22742f8333dbe47235b5a037bb8c4764d0554ab1d6d1edad2fc722d6dbbdef50f5c89cb5daa9f8f6e684bcf53db54a3a7e237b1ed218b832bb75d809a7","ssdeep":"768:fO9P55e7wbSlPftVDK//d9icrEAKH1ag8xxqKjj3fOpDKdlr/NaO8Qr93UsGoROz:Ugw2l+Wc3mY5jFdl/iPsibn2kJ51oCv7","tlshash":"bcc3d8ba71d0f8e2079744e5843b400af3791c3b146f70a0a7a5cdd9b5a44eea1a3f5e","first_seen":"2025-12-16T15:37:48.63769Z","last_seen":"2026-07-17T19:12:19.922695Z","times_seen":2039,"resource_available":true,"data":null}},"time_used":234,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":234,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/chunks/972-8c0ee6fabcd1342f.js","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://microsoftteamservice.org/","date":"2026-07-05T09:53:54.304Z","timestamp":1783245234304,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoftteamservice.org","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 10:35:04 GMT","end":"Thu, 24 Sep 2026 10:35:03 GMT"},"fingerprint":{"sha1":"B7:CA:74:00:E6:F0:B1:D4:E9:7E:E5:30:59:BD:4B:A4:22:F7:3A:80","sha256":"DA:C6:E4:97:D4:FC:C5:F7:52:39:96:61:85:2A:C9:3F:EE:2E:5D:17:6A:B9:7F:7F:AF:6F:DE:57:E5:CB:77:E4"}}},"request":{"raw":"GET /_next/static/chunks/972-8c0ee6fabcd1342f.js HTTP/1.1\r\nHost: microsoftteamservice.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://microsoftteamservice.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=31536000,immutable\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 05 Jul 2026 09:53:54 GMT\r\netag: \"c292f91dc98737cf854cfc72482957be-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KWRV5R4DKB5Y48K4M4DKH0K3\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":26066,"size_decoded":8954,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (26066), with no line terminators","md5":"f4b13ad7edddc9f56fea315f7e3f1ff8","sha1":"15d90ae6649cd117e17f200e42aa02fa9f5e5126","sha256":"ba8d97dba2235cf174abe4e9a93fe5e75da8bc4799381cff8c38104bceb15941","sha512":"2d4063787640316d76dad78e3c0a3fd5f849b9bb7453da2f9c53f9fed4781ecc79cec92b3aa0b6e005473969580af38698e1ab9bf653e843f606b2d6982aa462","ssdeep":"384:05k1IdRMx3IG1DnLGRwqdggPG1kyDfLxvZKVSUENLd3NU7tpU2J91wMVG4x:akgRMxhdnLqkKByLX4tpU2ZhVJ","tlshash":"f1c2e8be71d2f8a2479b11a0443b1006f2be4caa145e6244f7b4c8dbf57056da1b3fad","first_seen":"2025-04-19T17:30:47.724841Z","last_seen":"2026-07-17T18:23:15.390761Z","times_seen":1267,"resource_available":true,"data":null}},"time_used":225,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":225,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/logo.png","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://microsoftteamservice.org/","date":"2026-07-05T09:53:54.318Z","timestamp":1783245234318,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoftteamservice.org","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 10:35:04 GMT","end":"Thu, 24 Sep 2026 10:35:03 GMT"},"fingerprint":{"sha1":"B7:CA:74:00:E6:F0:B1:D4:E9:7E:E5:30:59:BD:4B:A4:22:F7:3A:80","sha256":"DA:C6:E4:97:D4:FC:C5:F7:52:39:96:61:85:2A:C9:3F:EE:2E:5D:17:6A:B9:7F:7F:AF:6F:DE:57:E5:CB:77:E4"}}},"request":{"raw":"GET /logo.png HTTP/1.1\r\nHost: microsoftteamservice.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://microsoftteamservice.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/png\r\ndate: Sun, 05 Jul 2026 09:53:54 GMT\r\netag: \"f4ba1f6b3f3f1cb5027cda398ddeabb5-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KWRV5R4VVF47AHXPA64JTXZ5\r\ncontent-length: 750222\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":750222,"size_decoded":750615,"mime_type":"image/png","magic":"PNG image data, 1254 x 1254, 8-bit/color RGB, non-interlaced","md5":"5ea2b71781f98acd0bf00a88dc72ef10","sha1":"3b9019c63d652bd361084398572e0ffca731ca76","sha256":"e9e90d8166390969f29d60dbd4af517e580d36ea2465d54b401f81756cd249e5","sha512":"05a0cd40a1c6073577e40dd89c82c1389d3568c27e1f0db60b63cbef71dd04d04319e018b95ce9ad9f23f7215224f4a7df9617dc7f0829c009cebd27f4881a11","ssdeep":"12288:yClsUf3G9vQU3V2aJnmPr9NYApDNRC1+JWYwSlbdtpy/ISkJYcLU:3lPApV2GUYAzRC1TYwSlHpy6YcLU","tlshash":"d1f433aaa36ea4c0fc9e46f0ca6e5fe755115fca76dd04892473c0f603d13a88e6146f","first_seen":"2026-06-28T10:12:08.768504Z","last_seen":"2026-07-05T09:54:23.301122Z","times_seen":2,"resource_available":false,"data":null}},"time_used":730,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":412,"receive":318,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.jsonbin.io/v3/b/6a3c2574f5f4af5e292a7611/latest","fqdn":"api.jsonbin.io","domain":"jsonbin.io","tld":"io"},"ip":{"addr":"172.67.176.5","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://microsoftteamservice.org/","date":"2026-07-05T09:53:55.337Z","timestamp":1783245235337,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"mlkem768x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsonbin.io","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 08 May 2026 23:57:30 GMT","end":"Fri, 07 Aug 2026 00:57:26 GMT"},"fingerprint":{"sha1":"BE:7B:3C:30:77:36:E9:33:25:40:35:51:73:6B:BE:9C:7D:30:5E:99","sha256":"CD:A4:3B:DA:C4:35:E4:E5:30:47:02:36:B9:30:C6:59:1D:35:85:88:3A:F0:2E:92:B2:AC:CB:02:DA:3F:A7:D6"}}},"request":{"raw":"GET /v3/b/6a3c2574f5f4af5e292a7611/latest HTTP/1.1\r\nHost: api.jsonbin.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://microsoftteamservice.org/\r\nX-Master-Key: $2a$10$HrOYWxgUF5bUqWGH/0q//ukvQjAT63FazHftPy2HW3NuaK/rsiZ5W\r\nCache-Control: no-cache\r\nOrigin: https://microsoftteamservice.org\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPriority: u=4\r\nPragma: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 \r\nserver: cloudflare\r\ndate: Sun, 05 Jul 2026 09:53:55 GMT\r\ncontent-type: application/json; charset=utf-8\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\npriority: u=4,i=?0\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\netag: W/\"948-tSECqMxK5q8H1H3lz7FYyBjG6ks\"\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=zo3t1TiAhnc9hU5nLEDSGT2kOAgTPYM2%2B30kcX7yUz1AW6%2Bi5RDhzX98wsCQqSE6OQgnKZJqF5Pn5l%2BM9h7SX%2Bx8RcW%2FAz0xwRufllM5KcfhMTYPEYYjSRFx%2Fxc6cDJTuw%3D%3D\"}]}\r\ncf-ray: a1657c426e185694-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":2376,"size_decoded":1667,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"1ff3c97077dbec4ad819142d833e75d3","sha1":"b52102a8cc4ae6af07d47de5cfb158c818c6ea4b","sha256":"bb5fde49e77e3b4f849930ca56b309446c5d17ae0300ab5253774285b87ed3be","sha512":"451130b19d84a140f09ed853d88ff7741297e8203eba6721b140a3751d2b38acdc7119039a011f2cf06ce2e0a79d0db71168b02cb2156b16454e00cbea214fdd","ssdeep":"","tlshash":"2b41363753f52d2ec30611c2f87baeb845dc34b324ca1970db1a2b8556d2fe1564e19a","first_seen":"2026-07-05T09:54:23.302147Z","last_seen":"2026-07-05T09:54:23.302147Z","times_seen":1,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/chunks/457b8330-725750dc016b8476.js","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://microsoftteamservice.org/","date":"2026-07-05T09:53:54.310Z","timestamp":1783245234310,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoftteamservice.org","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 10:35:04 GMT","end":"Thu, 24 Sep 2026 10:35:03 GMT"},"fingerprint":{"sha1":"B7:CA:74:00:E6:F0:B1:D4:E9:7E:E5:30:59:BD:4B:A4:22:F7:3A:80","sha256":"DA:C6:E4:97:D4:FC:C5:F7:52:39:96:61:85:2A:C9:3F:EE:2E:5D:17:6A:B9:7F:7F:AF:6F:DE:57:E5:CB:77:E4"}}},"request":{"raw":"GET /_next/static/chunks/457b8330-725750dc016b8476.js HTTP/1.1\r\nHost: microsoftteamservice.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://microsoftteamservice.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=31536000,immutable\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 05 Jul 2026 09:53:54 GMT\r\netag: \"cda9a628b815eb688f630af6e53be6b1-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KWRV5R4MZSK7ZYZ8M80ER22D\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":128171,"size_decoded":36871,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"9829725354ccc4755e36a628bc15ce06","sha1":"00a6bbd259f87137ad70b61070872b7ad9beb3fa","sha256":"27cb1bd48e81d834a999d21c25e6f658ef38d0b8083d21478df6eeda483c5789","sha512":"a519373ad87fd928ff940905f5225119488f716618310fb87e3c94b83e087c18a7239992381fb4d22ec94d020931467a88e900990a17732091fb5bad4c25ca06","ssdeep":"3072:wF9FrXhYDQGJ0J+tpJIJTJXJgJBJBJwJgJ4JCJNJQwGQyiFF6V3g/:sNhdGq+KdhGz/2uacrgQy66V3g/","tlshash":"c5c3e7593381f91353eea2d984768142f33919a42909043cfabcdce67865ac971fbfb4","first_seen":"2026-07-05T09:54:23.303025Z","last_seen":"2026-07-05T09:54:23.303025Z","times_seen":1,"resource_available":true,"data":null}},"time_used":468,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":468,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/hero_bg.png","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://microsoftteamservice.org/","date":"2026-07-05T09:53:54.320Z","timestamp":1783245234320,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoftteamservice.org","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 10:35:04 GMT","end":"Thu, 24 Sep 2026 10:35:03 GMT"},"fingerprint":{"sha1":"B7:CA:74:00:E6:F0:B1:D4:E9:7E:E5:30:59:BD:4B:A4:22:F7:3A:80","sha256":"DA:C6:E4:97:D4:FC:C5:F7:52:39:96:61:85:2A:C9:3F:EE:2E:5D:17:6A:B9:7F:7F:AF:6F:DE:57:E5:CB:77:E4"}}},"request":{"raw":"GET /hero_bg.png HTTP/1.1\r\nHost: microsoftteamservice.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://microsoftteamservice.org/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-type: image/png\r\ndate: Sun, 05 Jul 2026 09:53:54 GMT\r\netag: \"058c7e5775184d0e610ade5c0d63cba4-ssl\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nx-nf-request-id: 01KWRV5R4YM6PCPPGVZSAKB1XC\r\ncontent-length: 669058\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":669058,"size_decoded":669451,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1024x1024, components 3","md5":"90e33348085ba8a43b8f2311e1913d14","sha1":"eb2e7371ca949b524e83aebafb2f48880302c350","sha256":"6662d197fdcd7a85b03ca77d991b9aa27bdd4d51de815ab68ad50c03083272e2","sha512":"02d4db21f287a5a9c560f492cbc6e8f1daf414b6101db43fece39f95afc19ae8c48003dc9d25f2e8e3afebbb3992813ef7ee45d9a3979890668b26d94b128eb1","ssdeep":"12288:5E3te+CiqAEk4GNCXtLmipfFmtJh1r0nL/ufbxNLLGTcNafxSCM:54egqjvX0CaJh6KLWcN6m","tlshash":"b4e423f631069be4e4e10572fb222afbfba340d57567f41d2377c4221eaf925890126e","first_seen":"2026-06-28T10:12:08.780189Z","last_seen":"2026-07-05T09:54:23.304263Z","times_seen":2,"resource_available":false,"data":null}},"time_used":1101,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":471,"receive":630,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/contact?_rsc=19zvn","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://microsoftteamservice.org/","date":"2026-07-05T09:53:55.357Z","timestamp":1783245235357,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoftteamservice.org","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 10:35:04 GMT","end":"Thu, 24 Sep 2026 10:35:03 GMT"},"fingerprint":{"sha1":"B7:CA:74:00:E6:F0:B1:D4:E9:7E:E5:30:59:BD:4B:A4:22:F7:3A:80","sha256":"DA:C6:E4:97:D4:FC:C5:F7:52:39:96:61:85:2A:C9:3F:EE:2E:5D:17:6A:B9:7F:7F:AF:6F:DE:57:E5:CB:77:E4"}}},"request":{"raw":"GET /contact?_rsc=19zvn HTTP/1.1\r\nHost: microsoftteamservice.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nReferer: https://microsoftteamservice.org/\r\nRSC: 1\r\nNext-Router-State-Tree: %5B%22%22%2C%7B%22children%22%3A%5B%22__PAGE__%22%2C%7B%7D%2Cnull%2Cnull%5D%7D%2Cnull%2Cnull%2Ctrue%5D\r\nNext-Router-Prefetch: 1\r\nNext-Url: /\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nage: 344809\r\ncache-control: public,max-age=0,must-revalidate\r\ncache-status: \"Netlify Durable\"; hit; ttl=31191190, \"Next.js\"; hit, \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: text/x-component\r\ndate: Sun, 05 Jul 2026 09:53:55 GMT\r\netag: \"6mu8asjygr2lf-df\"\r\nnetlify-vary: query=__nextDataReq|_rsc,header=x-nextjs-data|x-next-debug-logging|next-router-prefetch|next-router-segment-prefetch|next-router-state-tree|next-url|rsc|accept-encoding,cookie=__prerender_bypass|__next_preview_data\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: RSC,Next-Router-State-Tree,Next-Router-Prefetch,Accept-Encoding\r\nx-content-type-options: nosniff\r\nx-nextjs-date: Wed, 01 Jul 2026 10:07:58 GMT\r\nx-nf-request-id: 01KWRV5S5BHN5VMA9HRMF6XV6S\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":3363,"size_decoded":2024,"mime_type":"text/x-component","magic":"ASCII text, with very long lines (2387)","md5":"2c5161b01d90d1e9b2966155cc0da5b3","sha1":"c5febf2f9b7a1b416f5be7d10eda1382fff9e86e","sha256":"8ff1069ef50f4c0ae107fce4386e5aa809c40d0633ced3c7d4cbb1595527a999","sha512":"b7b88106df8018b74b38332d479a1cc2194eff764fbdb83f7049debbc9bc666d39318f2c34d34e60dde2d46c105fd74ab4ab60828aa1d5895a3ca11020ccac65","ssdeep":"","tlshash":"5d6114365b05e93baeb782d0451fd70ab19d897723200df1cadd5e2d039523a6b8f6d0","first_seen":"2026-07-05T09:54:23.305182Z","last_seen":"2026-07-05T09:54:23.305182Z","times_seen":1,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":164,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"wss","addr":"wss://team-services-b8a54-default-rtdb.europe-west1.firebasedatabase.app/.ws?v=5\u0026p=1:22636827257:web:ea223f6c3e339de5b1baa8\u0026ns=team-services-b8a54-default-rtdb","fqdn":"team-services-b8a54-default-rtdb.europe-west1.firebasedatabase.app","domain":"firebasedatabase.app","tld":"app"},"ip":{"addr":"34.107.226.223","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://microsoftteamservice.org/","date":"2026-07-05T09:53:55.378Z","timestamp":1783245235378,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.europe-west1.firebasedatabase.app","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Wed, 06 May 2026 09:51:56 GMT","end":"Tue, 04 Aug 2026 09:51:55 GMT"},"fingerprint":{"sha1":"98:C4:40:E0:35:6C:F8:ED:C2:80:37:C4:42:95:3B:07:34:D6:A0:DD","sha256":"A1:0C:B0:5B:95:BF:88:E0:5F:15:99:75:56:0C:E2:8A:34:CC:61:13:68:16:09:23:D2:AD:A9:A8:E9:5E:56:76"}}},"request":{"raw":"GET /.ws?v=5\u0026p=1:22636827257:web:ea223f6c3e339de5b1baa8\u0026ns=team-services-b8a54-default-rtdb HTTP/1.1\r\nHost: team-services-b8a54-default-rtdb.europe-west1.firebasedatabase.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-WebSocket-Version: 13\r\nOrigin: https://microsoftteamservice.org\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: JXSdffubvXdTxSx3O3gTzw==\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: Upgrade\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx\r\nDate: Sun, 05 Jul 2026 09:53:55 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: 8aYyLZsHwP0eRAh4LoGctSUr+HM=\r\nStrict-Transport-Security: max-age=31556926; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":254,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-17T22:40:27.187426Z","times_seen":17324316,"resource_available":true,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":18,"connect":13,"send":0,"wait":43,"receive":0,"ssl":52},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/chunks/app/contracts/page-63cb3fc51c27402c.js","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://microsoftteamservice.org/","date":"2026-07-05T09:53:55.543Z","timestamp":1783245235543,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoftteamservice.org","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 10:35:04 GMT","end":"Thu, 24 Sep 2026 10:35:03 GMT"},"fingerprint":{"sha1":"B7:CA:74:00:E6:F0:B1:D4:E9:7E:E5:30:59:BD:4B:A4:22:F7:3A:80","sha256":"DA:C6:E4:97:D4:FC:C5:F7:52:39:96:61:85:2A:C9:3F:EE:2E:5D:17:6A:B9:7F:7F:AF:6F:DE:57:E5:CB:77:E4"}}},"request":{"raw":"GET /_next/static/chunks/app/contracts/page-63cb3fc51c27402c.js HTTP/1.1\r\nHost: microsoftteamservice.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://microsoftteamservice.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=31536000,immutable\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 05 Jul 2026 09:53:55 GMT\r\netag: \"1e3c3afabda740f43f3d3a350de779fb-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KWRV5SB326JS19VB9NNX8SZ5\r\ncontent-length: 893\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":2540,"size_decoded":1360,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2540), with no line terminators","md5":"2f4953d0351e4ad5b3432dd3c1a77b80","sha1":"152da4a71f894e06444ad9de2e4c46583870925d","sha256":"408bf1877b55865e634e1fe4ec6066747c0a7db9ad6c0e25eb200eee02cb9172","sha512":"304b68485488710c486088d7086092f3b0090c80081d5b5052d8a14047a79e097cd17d886408de3a381d84aa7e28b502f30f6b5c5709aea048251595249bdadf","ssdeep":"","tlshash":"a851500cbfa0ff59100f2aa8f0eba41a787b16a4b64d3cc1a5f1cd4555a318842177cd","first_seen":"2026-06-28T10:12:08.775577Z","last_seen":"2026-07-05T09:54:23.305973Z","times_seen":2,"resource_available":true,"data":null}},"time_used":225,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":225,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/css/105e680f8e111b12.css","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://microsoftteamservice.org/","date":"2026-07-05T09:53:54.294Z","timestamp":1783245234294,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoftteamservice.org","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 10:35:04 GMT","end":"Thu, 24 Sep 2026 10:35:03 GMT"},"fingerprint":{"sha1":"B7:CA:74:00:E6:F0:B1:D4:E9:7E:E5:30:59:BD:4B:A4:22:F7:3A:80","sha256":"DA:C6:E4:97:D4:FC:C5:F7:52:39:96:61:85:2A:C9:3F:EE:2E:5D:17:6A:B9:7F:7F:AF:6F:DE:57:E5:CB:77:E4"}}},"request":{"raw":"GET /_next/static/css/105e680f8e111b12.css HTTP/1.1\r\nHost: microsoftteamservice.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://microsoftteamservice.org/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=2\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=31536000,immutable\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: text/css; charset=UTF-8\r\ndate: Sun, 05 Jul 2026 09:53:54 GMT\r\netag: \"106ed1e501b783c33e95918bf6ba247b-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KWRV5R43FYFETCN52R5B7ATY\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7532,"size_decoded":2458,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text, with very long lines (7532), with no line terminators","md5":"2b69aaf86aeef6fe8ea5c1c9e0f2e982","sha1":"a73f2b2759afe4d88d0f67c04078cd6d2ebca827","sha256":"5b21eaddd7dea97fc7f36f50380ff07c9e3fc332f687e76a86962c2201f3af18","sha512":"faf2254cc9006d361f1f34ef5948aa403c16807db8272a38f9726295a5decacd4b82e2f68bcd70f86e5f982c044f7175fbc935087f868db1771d2d835bdf7c4b","ssdeep":"96:U2tlJwlqG0mJQymkjsmZM/cwOb4SjTYepzkgQM:UuwqDmJNjsmZMSFTYeRR","tlshash":"f1f18338a264713db433e91777e4c8dca5609952f833879ab853b62184c25e367abb48","first_seen":"2026-06-28T10:12:08.737738Z","last_seen":"2026-07-05T09:54:23.306944Z","times_seen":2,"resource_available":false,"data":null}},"time_used":354,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":354,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"microsoftteamservice.org/_next/static/chunks/app/policy/page-17371f9675fe4f8e.js","fqdn":"microsoftteamservice.org","domain":"microsoftteamservice.org","tld":"org"},"ip":{"addr":"75.2.60.5","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://microsoftteamservice.org/","date":"2026-07-05T09:53:55.602Z","timestamp":1783245235602,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"microsoftteamservice.org","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Fri, 26 Jun 2026 10:35:04 GMT","end":"Thu, 24 Sep 2026 10:35:03 GMT"},"fingerprint":{"sha1":"B7:CA:74:00:E6:F0:B1:D4:E9:7E:E5:30:59:BD:4B:A4:22:F7:3A:80","sha256":"DA:C6:E4:97:D4:FC:C5:F7:52:39:96:61:85:2A:C9:3F:EE:2E:5D:17:6A:B9:7F:7F:AF:6F:DE:57:E5:CB:77:E4"}}},"request":{"raw":"GET /_next/static/chunks/app/policy/page-17371f9675fe4f8e.js HTTP/1.1\r\nHost: microsoftteamservice.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://microsoftteamservice.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\naccept-ranges: bytes\r\nage: 0\r\ncache-control: public,max-age=31536000,immutable\r\ncache-status: \"Netlify Edge\"; fwd=miss\r\ncontent-encoding: br\r\ncontent-type: application/javascript; charset=UTF-8\r\ndate: Sun, 05 Jul 2026 09:53:55 GMT\r\netag: \"bc907707e0484c40ecb0d54b6db97a12-ssl-df\"\r\nserver: Netlify\r\nstrict-transport-security: max-age=31536000\r\nvary: Accept-Encoding\r\nx-nf-request-id: 01KWRV5SCZP6S7XXHQQ6KS9YB7\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Netlify","description":"Netlify providers hosting and server-less backend services for web applications and static websites.","website":"https://www.netlify.com/","common_platform_enumeration":"","icon":"Netlify.svg","categories":["PaaS","CDN"]}],"data":{"size":9382,"size_decoded":4060,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (9382), with no line terminators","md5":"30209ba704ead5b795c155c7bf175957","sha1":"3937b252cfe2b270dc0006d4dc721382e8949579","sha256":"789396b837d66199928f8356390198798acdf9e9ead33347155d894410fc5c7c","sha512":"559e6d04e52b045b56130c70cb39a101ad01fd57184cf4409f0256416a03092287e22dc682fe16f877164275f0da3b1ba5996d758daf13ea9d5eecb7897c9906","ssdeep":"192:T4fpMl0CgyKECbVXSFQBvp0OeGINjycgf5e5c6TbazPXVrOC6K0Jn6:cuDJcX1N7cghe5cieByCn","tlshash":"6412b515b344b36697c701887a2f615ff13b262cbb6918b094f4c89d23529a8b377bd8","first_seen":"2026-06-28T10:12:08.745857Z","last_seen":"2026-07-05T09:54:23.307831Z","times_seen":2,"resource_available":true,"data":null}},"time_used":273,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":273,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"microsoftteamservice.org","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}
