Report - my.teamos.xyz/0013056f436a959f489668f299410597/announce7:comment39:Downloaded

Report Overview

Submitted URL
my.teamos.xyz/0013056f436a959f489668f299410597/announce7:comment39:Downloaded
IP
104.21.71.43
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-17 23:37:33
Access
public
Website Title
Team OS : Your Only Destination To Custom OS !!
Final URL
www.teamos.xyz/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-17	429 B	32 kB	142.250.74.106
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-04-16	930 B	718 B	52.29.198.136
duesirresponsible.com	unknown	unknown	No data	No data	7.7 kB	22 kB	192.243.59.13
packageeyeball.com	unknown	unknown	No data	No data	2.5 kB	5.6 kB	192.243.59.20
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04	2024-04-17	411 B	87 kB	188.114.97.1
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24	2024-04-17	492 B	8.8 kB	104.16.79.73
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-17	874 B	162 kB	142.250.74.40
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12	2024-04-17	2.4 kB	482 kB	45.133.44.10
my.teamos.xyz	unknown	2022-01-12	2022-04-13	2024-03-31	533 B	174 kB	172.67.143.25
teamos.xyz	unknown	2022-01-12	2022-01-13	2024-04-15	467 B	174 kB	172.67.143.25
www.teamos.xyz	unknown	2022-01-12	2022-04-13	2024-04-10	13 kB	1.8 MB	172.67.143.25
secure.gravatar.com	1671	2004-07-15	2012-05-22	2024-04-17	458 B	2.5 kB	192.0.73.2
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-17	1.1 kB	98 kB	216.58.207.227
instrumenttactics.com	unknown	2022-01-23	2022-01-23	2024-03-25	1.3 kB	55 kB	172.240.253.132
aus5.mozilla.org	2548	1998-01-24	2015-10-27	2024-04-17	512 B	1.2 kB	35.244.181.201
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-17	438 B	12 kB	142.250.74.74

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-17	medium	instrumenttactics.com	Sinkholed
2024-04-17	medium	instrumenttactics.com	Sinkholed
2024-04-17	medium	instrumenttactics.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (26)

	URL	Size	First Seen	Last Seen
	unknown	4.9 kB	2024-04-18	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 01:37:40 Last Seen2024-04-18 01:37:40 Times Seen1 Hash e1325859e92cbf476befaf902c881872 ac90b1b206a2a2d9e99381611a966641710eb10a c1f7b1e470a7f7b2ffcbc4ce7c5f55ed33c7069228cad34c4ac49b89f6838cc9 Loading...

	unknown	2.1 kB	2023-03-07	2024-04-29
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:02 Last Seen2024-04-29 04:36:19 Times Seen259 Hash 3a3fa1f807c678e04fa94fa684069231 c26e333abe0f139338a79d09557d433bab245107 95464e5d88d803be95b2ee15ce8668f1dc99b75f6aadd4379bc9fbcfba665ba5 Loading...

	www.teamos.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	12 kB	2023-03-07	2024-04-30
Pretty URL www.teamos.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 172.67.143.25 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-30 09:15:24 Times Seen43301 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	instrumenttactics.com/ae333e82cfaead9ba22e64954c139352/invoke.js	31 kB	2024-04-18	2024-04-18
Pretty URL instrumenttactics.com/ae333e82cfaead9ba22e64954c139352/invoke.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 01:37:40 Last Seen2024-04-18 01:37:41 Times Seen2 Hash 0583add19868dba9e2c251d46f060ccc 32612ab06233887a472302f07b81dde287865967 b7675570c27cf2c6f459f336473f6181d00e9f3c1cdc534a51de30d5d753765b Loading...

	www.teamos.xyz/js/vendor/vendor-compiled.js?_v=099e916e	43 kB	2023-03-07	2024-04-29
Pretty URL www.teamos.xyz/js/vendor/vendor-compiled.js?_v=099e916e IP 172.67.143.25 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:26:34 Last Seen2024-04-29 04:36:19 Times Seen762 Hash 372b0c5f17990ad741c3d02593f63fe8 4e577cb859755cbf104a2334e6307a5291558689 ef5f0b7e161099d503298ab2d66a927f48401f992d188cd04415419b41dcd0b1 Loading...

	www.teamos.xyz/js/xf/notice.min.js?_v=099e916e	3.7 kB	2023-03-09	2024-04-29
Pretty URL www.teamos.xyz/js/xf/notice.min.js?_v=099e916e IP 172.67.143.25 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:27:16 Last Seen2024-04-29 04:36:19 Times Seen647 Hash b725cc9681612e5c4a6de094bbe33bd9 c2bd0760c401cf86e15fc2b941b14fa7901633e3 a5dcfd1d44af85302c19886c111e277273cca860febaae5f8cdb0de61733b44b Loading...

	unknown	14 kB	2023-03-07	2024-04-29
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:02 Last Seen2024-04-29 04:36:19 Times Seen256 Hash b5bf3196e186c65f858bc7e486cf9cba 917caf23e7cac4ba0613ae06e6bf1b72c0e69c98 bb8411520f5e4a207375f13c7266dbdf5fb56fd58fa695c0d486ddf476346d02 Loading...

	unknown	357 B	2023-03-12	2024-04-29
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 15:17:48 Last Seen2024-04-29 04:36:19 Times Seen256 Hash 00f88953f2d2d6770a8c26b60786c7a6 6cafe6508c1f114bf474f948fc6776a6131f3a72 1d996072b68082027d84ea8ccd0588497eb43fbfc4a2b2225bb443ff1424f4cc Loading...

	unknown	109 B	2024-04-13	2024-04-29
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-13 00:57:00 Last Seen2024-04-29 04:36:19 Times Seen11 Hash 7ed74a97f1b51107642cbd354e8e9537 368722c30c49ed7ad343dd7986cc1e975ff7473b bdbbe3d74c92fb34f7cf7f5b502d5a0f9c5c91129b2fc95bc836c3eb10a8cf90 Loading...

	www.teamos.xyz/js/xf/preamble.min.js?_v=099e916e	3.4 kB	2023-03-09	2024-04-29
Pretty URL www.teamos.xyz/js/xf/preamble.min.js?_v=099e916e IP 172.67.143.25 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:27:16 Last Seen2024-04-29 04:36:19 Times Seen643 Hash 57c077607d1b4ba5bfeac6740d6e9576 8ce714d869d8f3b46eb3a7c7689920e1a85b0808 c803ce6d437915781a624a97755010f88deffd73bcf1a8e40fe98fc2d0e1ca3d Loading...

	www.googletagmanager.com/gtag/js?id=G-ZMK4J7B2XT&l=dataLayer&cx=c	249 kB	2024-04-18	2024-04-18
Pretty URL www.googletagmanager.com/gtag/js?id=G-ZMK4J7B2XT&l=dataLayer&cx=c IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 01:37:40 Last Seen2024-04-18 01:37:41 Times Seen2 Hash 69d6817ebf6e6186ed9934bbd0910212 ba9eaacce34d55b881f00ae1026a68ec9db50145 d6f5f35adf2b713129ff8adb24bdd8b6b7276aab952261808d5ac4c8586190fb Loading...

	www.teamos.xyz/sandbox%20eval%20code	147 B	2023-04-11	2024-04-30
Pretty URL www.teamos.xyz/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-30 11:10:07 Times Seen343428 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.googletagmanager.com/gtag/js?id=UA-77872044-1	202 kB	2024-04-18	2024-04-18
Pretty URL www.googletagmanager.com/gtag/js?id=UA-77872044-1 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 01:37:40 Last Seen2024-04-18 01:37:41 Times Seen2 Hash 4b9b7d65adb5c18fc9421d041300df97 bd34ef3d2b77a157328d96968c20865ac8a5bbda 3e3c2f6ecea254b8b55ba327c122aa434e9c3a5fb741bd9501beedc0422d85b0 Loading...

	downstairsnegotiatebarren.com/sfp.js	86 kB	2024-03-29	2024-04-30
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 13:13:34 Last Seen2024-04-30 10:57:19 Times Seen1347 Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Loading...

	unknown	145 B	2023-03-12	2024-04-29
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 15:17:49 Last Seen2024-04-29 04:36:19 Times Seen254 Hash 56345684a4f92ef41f648d4d85464d99 a8c16ba1be3fb3c3dc7eff8358d223fc86cc3bde aa59fc72954112cea004fa466abb1ad524db3fa8321764f9699745769aea8d95 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-04-30
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-30 11:19:41 Times Seen140384 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	instrumenttactics.com/a1/e8/91/a1e8916f3df739635783bc00fa07bfe6.js	82 kB	2024-04-18	2024-04-18
Pretty URL instrumenttactics.com/a1/e8/91/a1e8916f3df739635783bc00fa07bfe6.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 01:37:40 Last Seen2024-04-18 01:37:41 Times Seen2 Hash 0be3fffcb94ce725630154cf959d08d8 b8ea460525a59b39d46104ecdf45d89b15b03758 1e8cfac4c860068eab4b383184433994794b46353ec180b0a89b599413033611 Loading...

	unknown	3.3 kB	2024-04-18	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 01:37:40 Last Seen2024-04-18 01:37:40 Times Seen1 Hash 4ee6fcdfa7c9b4a04b8f3fc36f6def77 bccd4a3073e9f33e03f84bc7c7cf68d5941f2025 a464f46ce7c41724d1f62d7647911667ec67aa6b5bb203de920792cb7809c89f Loading...

	instrumenttactics.com/7326f362b41f2b6bdb387bd9014ae95b/invoke.js	27 kB	2024-04-18	2024-04-18
Pretty URL instrumenttactics.com/7326f362b41f2b6bdb387bd9014ae95b/invoke.js IP 172.240.253.132 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 01:37:40 Last Seen2024-04-18 01:37:41 Times Seen2 Hash b791cebd08aee35690eab527d3c4aa76 0a1cbf4f1a339dd59513a7ca44cd5e401216387e d040afa3a7dd4f93e8d0192231013112c38479752d48b535aa436561fc16752a Loading...

	unknown	206 B	2023-03-07	2024-04-29
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:02 Last Seen2024-04-29 04:36:19 Times Seen256 Hash 2700edffedbdaa40ab6a216ae8ced12f 573cb508bb36874954aa08c362370776cf73963c 35725d60531c253a1c499e18c6164aa07bcd1da0fa6e20e193b427e5970d8d09 Loading...

	unknown	710 B	2023-03-07	2024-04-29
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:02 Last Seen2024-04-29 04:36:19 Times Seen256 Hash 44f474ad795f2c9a6ba3e00ba7d3e0ce fca7a12113dc770c62721146decd70697384e78f b23f5c96634b513c51b13397c53b235960fed3f771e72923c0d557e4e0830e5c Loading...

	www.teamos.xyz/js/xf/core-compiled.js?_v=099e916e	214 kB	2023-03-12	2024-04-29
Pretty URL www.teamos.xyz/js/xf/core-compiled.js?_v=099e916e IP 172.67.143.25 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 15:31:50 Last Seen2024-04-29 04:36:19 Times Seen617 Hash d0ab265a4f68a45efc52408bd69a7f25 c57033113a290427c17a5cd1c94b1829aac06fed abedeb2dbbfa0642370887c7fd082a1774f4e1f8129a4d9adba2908fe9e8b4d3 Loading...

	static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793	19 kB	2024-04-17	2024-04-30
Pretty URL static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 IP 104.16.79.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 04:05:01 Last Seen2024-04-30 11:09:09 Times Seen1284 Hash 3be93fd15d2f7dee2fc0c8981c6fa5c6 8cd88c36fad3e96641dbc4d781f5ddbe5123312f 17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-04-30
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-30 11:10:07 Times Seen342923 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 2711fceaffbc4adbdef1e52afbde54de	15 kB	2023-03-07	2024-04-29
Pretty Observations First Seen2023-03-07 12:28:02 Last Seen2024-04-29 04:36:19 Times Seen295 Hash 2711fceaffbc4adbdef1e52afbde54de 62a2235b484940a2478213c3ff460153c3071fc3 21d093407e762467a0eb2435e960d0848f2a22eaa9c174a751b0a2203ec0fff7 Loading...

	#2 Eval - 76bfda23f64cda6de6a8d0d8e5248745	2.1 kB	2024-04-18	2024-04-18
Pretty Observations First Seen2024-04-18 01:37:41 Last Seen2024-04-18 01:37:41 Times Seen1 Hash 76bfda23f64cda6de6a8d0d8e5248745 1cfbd6e9784f5802865001e1afd476e1a2456c7c 684db79a6ecdb900088ab8d71006d4a0e443406e6340aafbe41e69776314a01e Loading...

HTTP Transactions (52)

URL IP Response Size

www.teamos.xyz/styles/fonts/fa/fa-regular-400.woff2?_v=5.15.3

172.67.143.25

200 OK

169 kB

URL GET HTTP/3
www.teamos.xyz/styles/fonts/fa/fa-regular-400.woff2?_v=5.15.3
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint2A:28:06:EF:27:A1:67:20:BB:CB:86:C9:17:82:90:97:C8:E6:AB:06
ValidityMon, 19 Feb 2024 10:31:47 GMT - Sun, 19 May 2024 10:31:46 GMT

File type
Web Open Font Format (Version 2), TrueType, length 168768, version 331.-31261
Size
169 kB (168768 bytes)
Hash
d8689b99dce7c881d3130f3c91cfefdf
fb005c93930c13b3a5f449bbc75ba5ee23f609fa
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938

HTTP Headers

GET /styles/fonts/fa/fa-regular-400.woff2?_v=5.15.3 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.teamos.xyz/
DNT: 1
Connection: keep-alive
Cookie: xf_csrf=eMl7ydUlDoF8AyJr; xf_session=y_jGkVkLDd4te7K6bvTJ8EtMHWOFOOGW
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:37:07 GMT
content-type: font/woff2
content-length: 168768
last-modified: Thu, 08 Dec 2022 23:00:00 GMT
etag: "63926c70-29340"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BZorniNDlWEZs7UHDySjeoBbFi1nBZvfYYQm6JDfKLENp%2FPThzSHPQfFBwD39RhDAt%2BrRsNVS%2F9OaIRoyVTQ7rca%2FYnikKuE%2B2W5xOR6D%2FYfMyoOnvsDc4hRJ2d%2BLpRKUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87603dbe3f7f56c7-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/styles/fonts/fa/fa-solid-900.woff2?_v=5.15.3

172.67.143.25

200 OK

137 kB

URL GET HTTP/3
www.teamos.xyz/styles/fonts/fa/fa-solid-900.woff2?_v=5.15.3
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint2A:28:06:EF:27:A1:67:20:BB:CB:86:C9:17:82:90:97:C8:E6:AB:06
ValidityMon, 19 Feb 2024 10:31:47 GMT - Sun, 19 May 2024 10:31:46 GMT

File type
Web Open Font Format (Version 2), TrueType, length 136824, version 331.-31261
Size
137 kB (136824 bytes)
Hash
978b27ec5d8b81d2b15aa28aaaae1fcb
76625967fe113a088e0627605b9d1bbfb8a5e47c
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c

HTTP Headers

GET /styles/fonts/fa/fa-solid-900.woff2?_v=5.15.3 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.teamos.xyz/
DNT: 1
Connection: keep-alive
Cookie: xf_csrf=eMl7ydUlDoF8AyJr; xf_session=y_jGkVkLDd4te7K6bvTJ8EtMHWOFOOGW
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:37:07 GMT
content-type: font/woff2
content-length: 136824
last-modified: Thu, 08 Dec 2022 23:00:00 GMT
etag: "63926c70-21678"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DI%2B7txWvA0MWr1%2B0tHaJw15TssB8GOoJuuLFv9D%2BQy2Omx477A2gBDPzLJBt%2BwlPSUgSeKLkQpEx7G19UEn1PKoIJuH8nM%2B0vyCXxarf%2FEoDpKt0yre%2FdQNRAJC3RjgbxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87603dbe4f8156c7-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/styles/fonts/fa/fa-brands-400.woff2?_v=5.15.3

172.67.143.25

200 OK

77 kB

URL GET HTTP/3
www.teamos.xyz/styles/fonts/fa/fa-brands-400.woff2?_v=5.15.3
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint2A:28:06:EF:27:A1:67:20:BB:CB:86:C9:17:82:90:97:C8:E6:AB:06
ValidityMon, 19 Feb 2024 10:31:47 GMT - Sun, 19 May 2024 10:31:46 GMT

File type
Web Open Font Format (Version 2), TrueType, length 76740, version 331.-31261
Size
77 kB (76740 bytes)
Hash
0511670fe2f5405105a6760294c5c51d
61cb879dec4fa97ece0d2a26cd6767c66117841b
c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388

HTTP Headers

GET /styles/fonts/fa/fa-brands-400.woff2?_v=5.15.3 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.teamos.xyz/
DNT: 1
Connection: keep-alive
Cookie: xf_csrf=eMl7ydUlDoF8AyJr; xf_session=y_jGkVkLDd4te7K6bvTJ8EtMHWOFOOGW
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:37:07 GMT
content-type: font/woff2
content-length: 76740
last-modified: Thu, 08 Dec 2022 23:00:00 GMT
etag: "63926c70-12bc4"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VW%2BMW6JXpai4Cuw81R9W%2FOZYZESXJVCESKjL9SW0SXyIX3BRarCj2Na8WLbBI6uNPmyHMqp4Mc4pdEgNTE1K1NedvwsH1so6ydvFlTuaUYd5%2FQhqAL0efhZau0tgXhX4Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87603dbe5f8b56c7-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/data/assets/logo/TeamOSBanner.png

172.67.143.25

200 OK

42 kB

URL GET HTTP/3
www.teamos.xyz/data/assets/logo/TeamOSBanner.png
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint2A:28:06:EF:27:A1:67:20:BB:CB:86:C9:17:82:90:97:C8:E6:AB:06
ValidityMon, 19 Feb 2024 10:31:47 GMT - Sun, 19 May 2024 10:31:46 GMT

File type
PNG image data, 440 x 190, 8-bit/color RGBA, non-interlaced
Size
42 kB (41495 bytes)
Hash
6d2647b327cb54f616dcbec207599df0
4e3e0baad833e44a3eb1e2052d3e78fd828180bf
b6201f6ed7ee1358eaad1b0dc43a16dd215f1175ceef43a3169c2e51b3a737a8

HTTP Headers

GET /data/assets/logo/TeamOSBanner.png HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=eMl7ydUlDoF8AyJr; xf_session=y_jGkVkLDd4te7K6bvTJ8EtMHWOFOOGW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:37:07 GMT
content-type: image/png
content-length: 41495
last-modified: Sun, 08 Jan 2023 06:26:05 GMT
etag: "63ba61fd-a217"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6254
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wuvMcC%2Bj1O5P7FpRxFAF%2FcM1NYM3PlZAHXGYPo9k1ogAK9f%2FXwDtCNcK2IqDhjA2%2FHBY5vwJsYw5LD6T8DqOdN5I5gh8zMp2B8957%2BbtwNON7A6J7GQHSYSLoEafGtqq%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87603dbe5f9256c7-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/data/xfa/customusernameicons/icons/star.png

172.67.143.25

200 OK

670 B

URL GET HTTP/3
www.teamos.xyz/data/xfa/customusernameicons/icons/star.png
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint2A:28:06:EF:27:A1:67:20:BB:CB:86:C9:17:82:90:97:C8:E6:AB:06
ValidityMon, 19 Feb 2024 10:31:47 GMT - Sun, 19 May 2024 10:31:46 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Size
670 B (670 bytes)
Hash
c8ca219ff43a2fb1dea67de2582123af
8fd08b1c430aa569e93d7fcd42f2f03b4ce57c02
9d3d2d2933fa0190f4ded95fabb5bde04bd1bbb0f040a8de93aeb0deda699b73

HTTP Headers

GET /data/xfa/customusernameicons/icons/star.png HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=eMl7ydUlDoF8AyJr; xf_session=y_jGkVkLDd4te7K6bvTJ8EtMHWOFOOGW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:37:07 GMT
content-type: image/png
content-length: 670
last-modified: Sun, 07 May 2023 17:28:57 GMT
etag: "6457dfd9-29e"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2435
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nT7V%2F3im3dr30j5yqIpFWQOMD30zIa8IUn9%2F34aQg9InacC3RF7X2LkhIweqHzgXxQs%2FKLGB4gYiHq6%2FGzd7L0unlDNSvgodl4FaEAwzZsKdyo3YXfeQvC%2BFhLbUdmnXJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87603dbe5f9456c7-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/images/dUy8t.gif

172.67.143.25

200 OK

23 kB

URL GET HTTP/3
www.teamos.xyz/images/dUy8t.gif
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint2A:28:06:EF:27:A1:67:20:BB:CB:86:C9:17:82:90:97:C8:E6:AB:06
ValidityMon, 19 Feb 2024 10:31:47 GMT - Sun, 19 May 2024 10:31:46 GMT

File type
GIF image data, version 89a, 90 x 68
Size
23 kB (22768 bytes)
Hash
38be94eee10c04d248dc14b49a940b93
9d4fece605fc55c0ca18443c3018da3c34e40f05
8928b33dafb9036f74c4298b1e4097b90844fbed60bd41b8b9e3bbe4dcbda25b

HTTP Headers

GET /images/dUy8t.gif HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=8&l=1&d=1713088796&k=034405c740f279c15adbbc41dfccb627ca90db04
Cookie: xf_csrf=eMl7ydUlDoF8AyJr; xf_session=y_jGkVkLDd4te7K6bvTJ8EtMHWOFOOGW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:37:08 GMT
content-type: image/gif
content-length: 22768
last-modified: Sun, 07 May 2023 10:55:46 GMT
etag: "645783b2-58f0"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2436
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zUrf90dxsTek9s5%2FAg6Vs5ImGItVEtz1k7PO0UlnVmtDg1AoT88Dib9UT4hjl%2FF2K7DtgsWUYJu%2BdDcQGcu4DlZnvKLAiPxn6%2B5CTZZ6GWMIdoBmuVJEVj9T4kk4524m4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87603dc138ae56c7-OSL
alt-svc: h3=":443"; ma=86400

static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793

104.16.79.73

200 OK

8.4 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793
IP
104.16.79.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectcloudflareinsights.com
Fingerprint73:92:5A:16:97:55:FC:A5:32:7C:F3:9D:0C:84:EF:F3:2F:AA:B5:00
ValiditySun, 10 Mar 2024 02:33:42 GMT - Sat, 08 Jun 2024 02:33:41 GMT

File type
gzip compressed data, from Unix
Size
8.4 kB (8372 bytes)
Hash
cab141e6d6552ab3c0865f4f73393540
76243cfd022851ec03cbfeae93a4977bafb21afc
fa573c4f745823a21ef74fc14a8a260a64f389cd99003449b132684af38c322e

HTTP Headers

GET /beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 23:37:07 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.4.0"
last-modified: Mon, 15 Apr 2024 22:09:58 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 87603dbf9f84b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.106

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 09:56:44 GMT
expires: Wed, 16 Apr 2025 09:56:44 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 135624
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

instrumenttactics.com/7326f362b41f2b6bdb387bd9014ae95b/invoke.js

172.240.253.132

200 OK

9.8 kB

URL GET HTTP/1.1
instrumenttactics.com/7326f362b41f2b6bdb387bd9014ae95b/invoke.js
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectinstrumenttactics.com
FingerprintB3:B4:C7:34:36:45:7C:C8:57:0A:23:0A:32:B1:C8:72:96:4D:85:25
ValidityThu, 14 Mar 2024 07:34:53 GMT - Wed, 12 Jun 2024 07:34:52 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (26600), with no line terminators
Size
9.8 kB (9794 bytes)
Hash
b791cebd08aee35690eab527d3c4aa76
0a1cbf4f1a339dd59513a7ca44cd5e401216387e
d040afa3a7dd4f93e8d0192231013112c38479752d48b535aa436561fc16752a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /7326f362b41f2b6bdb387bd9014ae95b/invoke.js HTTP/1.1
Host: instrumenttactics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 17 Apr 2024 23:37:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8c20680f799a10e416b83dd31454a019
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.googletagmanager.com/gtag/js?id=UA-77872044-1

142.250.74.40

200 OK

73 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-77872044-1
IP
142.250.74.40:443
ASN
#15169 GOOGLE

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
73 kB (72939 bytes)
Hash
4b9b7d65adb5c18fc9421d041300df97
bd34ef3d2b77a157328d96968c20865ac8a5bbda
3e3c2f6ecea254b8b55ba327c122aa434e9c3a5fb741bd9501beedc0422d85b0

HTTP Headers

GET /gtag/js?id=UA-77872044-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 17 Apr 2024 23:37:08 GMT
expires: Wed, 17 Apr 2024 23:37:08 GMT
cache-control: private, max-age=900
last-modified: Wed, 17 Apr 2024 23:04:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72939
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.teamos.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

172.67.143.25

200 OK

4.4 kB

URL GET HTTP/3
www.teamos.xyz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint2A:28:06:EF:27:A1:67:20:BB:CB:86:C9:17:82:90:97:C8:E6:AB:06
ValidityMon, 19 Feb 2024 10:31:47 GMT - Sun, 19 May 2024 10:31:46 GMT

File type
gzip compressed data, from Unix
Size
4.4 kB (4357 bytes)
Hash
2c028786550ccc3adf1ac33992f8d3e9
f5e80fa00950a218954b89cf68f46e32d378b581
3028e4a4553fbe29531599ecf9aa3fec620ef6cd02381c5554fb0cbf5aa07514

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=eMl7ydUlDoF8AyJr; xf_session=y_jGkVkLDd4te7K6bvTJ8EtMHWOFOOGW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:37:07 GMT
content-type: application/javascript
last-modified: Tue, 16 Apr 2024 15:45:04 GMT
etag: W/"661e9d00-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kX56%2FbLzKn1hZxZRjJ%2B%2BVxrFenVbr36vyCZh0hlPmS771b1UvNv%2B9zPBM%2FOiPfma3kegGWF17ctOFjxZAqJEUht3MXIg%2FOOL45DdoHoiJ0cWx6Pm8n6zFvnNz8RPHz40KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87603dbe8fa556c7-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Fri, 19 Apr 2024 23:37:07 GMT
cache-control: max-age=172800, public
content-encoding: gzip

www.teamos.xyz/js/xf/preamble.min.js?_v=099e916e

172.67.143.25

200 OK

50 kB

URL GET HTTP/3
www.teamos.xyz/js/xf/preamble.min.js?_v=099e916e
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint2A:28:06:EF:27:A1:67:20:BB:CB:86:C9:17:82:90:97:C8:E6:AB:06
ValidityMon, 19 Feb 2024 10:31:47 GMT - Sun, 19 May 2024 10:31:46 GMT

File type
JavaScript source, ASCII text, with very long lines (546)
Size
50 kB (49838 bytes)
Hash
57c077607d1b4ba5bfeac6740d6e9576
8ce714d869d8f3b46eb3a7c7689920e1a85b0808
c803ce6d437915781a624a97755010f88deffd73bcf1a8e40fe98fc2d0e1ca3d

HTTP Headers

GET /js/xf/preamble.min.js?_v=099e916e HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=eMl7ydUlDoF8AyJr; xf_session=y_jGkVkLDd4te7K6bvTJ8EtMHWOFOOGW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:37:08 GMT
content-type: application/javascript
last-modified: Thu, 08 Dec 2022 23:00:00 GMT
vary: Accept-Encoding
etag: W/"63926c70-d33"
expires: Fri, 19 Apr 2024 08:41:06 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 485637
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lTaKTfizHk8iSlQ1i2uMpA%2F6D6Xk7mfn%2FNSzAm0K%2BcT54dd%2B3apkkaRqBOl32HBwATjq2QmV5NYF7oErpiWA8dNxKLYBxc38FDWE0xToOUGA6AxxvMpwxvjmUgwXLY%2FpGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87603dc1d8ff56c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/js/vendor/vendor-compiled.js?_v=099e916e

172.67.143.25

200 OK

61 kB

URL GET HTTP/3
www.teamos.xyz/js/vendor/vendor-compiled.js?_v=099e916e
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint2A:28:06:EF:27:A1:67:20:BB:CB:86:C9:17:82:90:97:C8:E6:AB:06
ValidityMon, 19 Feb 2024 10:31:47 GMT - Sun, 19 May 2024 10:31:46 GMT

File type
JavaScript source, ASCII text, with very long lines (15908)
Size
61 kB (60961 bytes)
Hash
372b0c5f17990ad741c3d02593f63fe8
4e577cb859755cbf104a2334e6307a5291558689
ef5f0b7e161099d503298ab2d66a927f48401f992d188cd04415419b41dcd0b1

HTTP Headers

GET /js/vendor/vendor-compiled.js?_v=099e916e HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=eMl7ydUlDoF8AyJr; xf_session=y_jGkVkLDd4te7K6bvTJ8EtMHWOFOOGW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:37:08 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=43704
etag: W/"63926c70-aab8"
expires: Fri, 19 Apr 2024 08:41:06 GMT
last-modified: Thu, 08 Dec 2022 23:00:00 GMT
strict-transport-security: max-age=15768000
vary: Accept-Encoding
cf-cache-status: HIT
age: 485637
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LfN4zF6JmOrd9WXOW80WpuGyBoZPgcCbQjgi%2FvaZ7Oky%2Bw5WqHj61vCw%2FWj0mV4uy%2Bmb2Pf2gDm8ordL6lLcgxWVYFOrzSMAVEfqKMdrwoXY%2Bqv2MvJTzilwcC03XMHeDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87603dc1a8e356c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/data/avatars/s/128/128632.jpg?1706906858

172.67.143.25

200 OK

122 kB

URL GET HTTP/3
www.teamos.xyz/data/avatars/s/128/128632.jpg?1706906858
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint2A:28:06:EF:27:A1:67:20:BB:CB:86:C9:17:82:90:97:C8:E6:AB:06
ValidityMon, 19 Feb 2024 10:31:47 GMT - Sun, 19 May 2024 10:31:46 GMT

File type
GIF image data, version 89a, 48 x 48
Size
122 kB (121484 bytes)
Hash
d2d03ac1fb3cb7c41176fe0d02f16b4b
4ed129547e7e76e1aa378264e005e5932c4773e3
d24eb1531e3e235d971319a5b720d5e1c5df5dfeb61e302231e09e66053115f4

HTTP Headers

GET /data/avatars/s/128/128632.jpg?1706906858 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=eMl7ydUlDoF8AyJr; xf_session=y_jGkVkLDd4te7K6bvTJ8EtMHWOFOOGW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:37:08 GMT
content-type: image/jpeg
content-length: 121484
last-modified: Fri, 02 Feb 2024 20:48:28 GMT
etag: "65bd551c-1da8c"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 5990
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qJGQK9MAC%2FAF2XbIDuICbgkRWRwglLuHNosk%2FcuGGoZoJ5Jnq2o1u2LkFDD0SIELJN8ki1hgTXHw3soTtKM1N3VOPQ8k912HVbAx4JH%2FqPbpbjqFYs2MwDRaPL%2FXb7%2BoYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87603dc54a8656c7-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/data/avatars/s/445/445757.jpg?1542663194

172.67.143.25

200 OK

5.4 kB

URL GET HTTP/3
www.teamos.xyz/data/avatars/s/445/445757.jpg?1542663194
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint2A:28:06:EF:27:A1:67:20:BB:CB:86:C9:17:82:90:97:C8:E6:AB:06
ValidityMon, 19 Feb 2024 10:31:47 GMT - Sun, 19 May 2024 10:31:46 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
5.4 kB (5420 bytes)
Hash
b6f3a21f4acc509c6de62fdae1128178
c000c5553a81b74b773ee07e16e9a4606434e014
53190cf651f10c7960b0544d4fcd6fb299cc5c253937fe0a6e9e8580af64bd3d

HTTP Headers

GET /data/avatars/s/445/445757.jpg?1542663194 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=eMl7ydUlDoF8AyJr; xf_session=y_jGkVkLDd4te7K6bvTJ8EtMHWOFOOGW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:37:08 GMT
content-type: image/jpeg
content-length: 5420
last-modified: Sat, 04 May 2019 23:47:33 GMT
etag: "5cce2495-152c"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2nDPZ%2FIj3Ojvu0MRh%2FZDk34f4d4kdY3mDSvSu1XhN87WVoLdkT5P%2Bv7ZgvKUeXwa0%2FLqbFzLlM0jy%2B%2BnOLzr9ZfXaPfxJAwDQiBceCZaZtisQ8dBwjRVSROKsa7YE7Guhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87603dc54a8556c7-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/data/avatars/s/10/10154.jpg?1710632396

172.67.143.25

200 OK

2.0 kB

URL GET HTTP/3
www.teamos.xyz/data/avatars/s/10/10154.jpg?1710632396
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint2A:28:06:EF:27:A1:67:20:BB:CB:86:C9:17:82:90:97:C8:E6:AB:06
ValidityMon, 19 Feb 2024 10:31:47 GMT - Sun, 19 May 2024 10:31:46 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 48x48, components 3
Size
2.0 kB (1962 bytes)
Hash
1ae90eb6ef7b7b1f2e89b12bc6e186e5
760bdb0af23e710f1c21b8055fd884c3bb5c230c
5107dc58275b02e4e30fd32ac7d95ff9acf247a78ced068285ad97813e378a60

HTTP Headers

GET /data/avatars/s/10/10154.jpg?1710632396 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=eMl7ydUlDoF8AyJr; xf_session=y_jGkVkLDd4te7K6bvTJ8EtMHWOFOOGW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:37:08 GMT
content-type: image/jpeg
content-length: 1962
last-modified: Sat, 16 Mar 2024 23:39:58 GMT
etag: "65f62dce-7aa"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lxDhaRcmgqy1td%2B2D9U697Lz3Jx8YUvim27FSTahHH8TFKCHY4GOrZJ5AAUUJAyAW5RU1ScJmnj4eNxikbp1ZeFThX2Mc1vwZj8UEhDVsvYt096uNZqUUkcVxIn7m10vaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87603dc55a8e56c7-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/data/avatars/s/1244/1244182.jpg?1712727528

172.67.143.25

200 OK

1.6 kB

URL GET HTTP/3
www.teamos.xyz/data/avatars/s/1244/1244182.jpg?1712727528
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint2A:28:06:EF:27:A1:67:20:BB:CB:86:C9:17:82:90:97:C8:E6:AB:06
ValidityMon, 19 Feb 2024 10:31:47 GMT - Sun, 19 May 2024 10:31:46 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 48x48, components 3
Size
1.6 kB (1621 bytes)
Hash
b2271a2753fe1e2e8850cb6bd2ad803b
ef06a77553587bcf39dbc203c6851a0c58887c17
2fda6fb8726e7834300f2e0d3fb900bc88cf8d325ade337035a39c83d297ee91

HTTP Headers

GET /data/avatars/s/1244/1244182.jpg?1712727528 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=eMl7ydUlDoF8AyJr; xf_session=y_jGkVkLDd4te7K6bvTJ8EtMHWOFOOGW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:37:08 GMT
content-type: image/jpeg
content-length: 1621
last-modified: Wed, 10 Apr 2024 05:38:49 GMT
etag: "661625e9-655"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TefDuPLvPmFqVuyt2TREp3%2F4h65i0oR9EBkiELA%2B%2FlyqxhWN9kWZXJL3C2UwH6YtCGnBa2GSCVUZNfPLcYbObrzbLuxFy%2BiFIcsldVT%2B%2BCMq%2BesrSCml4viEMiAcAu3j9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87603dc56a9056c7-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/data/avatars/s/36/36463.jpg?1442985987

172.67.143.25

200 OK

1.5 kB

URL GET HTTP/3
www.teamos.xyz/data/avatars/s/36/36463.jpg?1442985987
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint2A:28:06:EF:27:A1:67:20:BB:CB:86:C9:17:82:90:97:C8:E6:AB:06
ValidityMon, 19 Feb 2024 10:31:47 GMT - Sun, 19 May 2024 10:31:46 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 48x48, components 3
Size
1.5 kB (1473 bytes)
Hash
1267c24a9de6a7a03fdbf303c317d3a0
edf062c21532397900b7995e9f99a950ed342912
f79cbe5f7501e2c225e6fa9d4aef2a1c95c1ba692c1fe7530aeb45a214af6f5c

HTTP Headers

GET /data/avatars/s/36/36463.jpg?1442985987 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=eMl7ydUlDoF8AyJr; xf_session=y_jGkVkLDd4te7K6bvTJ8EtMHWOFOOGW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:37:08 GMT
content-type: image/jpeg
content-length: 1473
last-modified: Sat, 04 May 2019 23:42:22 GMT
etag: "5cce235e-5c1"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Q%2BAsh9IGFQZtTQiCHgBKjtlFxx9sy%2FJ3MR9hLxp5QBL9pjdoySfSHx5SnuaKHexm5YEGc3NIoAAU40bJY9CzO1MmA%2F3erhz0jhnfDM3eGqoCeH94AKhtnWZLq7MSP0O5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87603dc56a9256c7-OSL
alt-svc: h3=":443"; ma=86400

instrumenttactics.com/a1/e8/91/a1e8916f3df739635783bc00fa07bfe6.js

192.243.61.227

200 OK

31 kB

URL GET HTTP/1.1
instrumenttactics.com/a1/e8/91/a1e8916f3df739635783bc00fa07bfe6.js
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectinstrumenttactics.com
FingerprintB3:B4:C7:34:36:45:7C:C8:57:0A:23:0A:32:B1:C8:72:96:4D:85:25
ValidityThu, 14 Mar 2024 07:34:53 GMT - Wed, 12 Jun 2024 07:34:52 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
31 kB (30768 bytes)
Hash
0be3fffcb94ce725630154cf959d08d8
b8ea460525a59b39d46104ecdf45d89b15b03758
1e8cfac4c860068eab4b383184433994794b46353ec180b0a89b599413033611

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /a1/e8/91/a1e8916f3df739635783bc00fa07bfe6.js HTTP/1.1
Host: instrumenttactics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 17 Apr 2024 23:37:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-2967-layer=1; expires=Mon, 22 Apr 2024 14:37:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a20fb9e6fca6d5d0a614eb332c5be9b5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

proftrafficcounter.com/stats

52.29.198.136

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
52.29.198.136:443
ASN
#16509 AMAZON-02

Requested by
https://www.teamos.xyz/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
47a3ccd719b0e554a4f93241aef4036d
8fd8bf63ec3ce3fb793bf726ccbb813665ad9db0
a082c156e198dc63e712ee3fba62f6b5be8dcf225a783709ffd84e9ee3f60013

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 23:37:08 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.teamos.xyz
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=1c582808-6c3f-4fb5-9893-3e3a5d4f48e6:1:1; expires=Sat, 15 Apr 2034 23:37:08 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

52.29.198.136

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
52.29.198.136:443
ASN
#16509 AMAZON-02

Requested by
https://www.teamos.xyz/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
47a3ccd719b0e554a4f93241aef4036d
8fd8bf63ec3ce3fb793bf726ccbb813665ad9db0
a082c156e198dc63e712ee3fba62f6b5be8dcf225a783709ffd84e9ee3f60013

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: uid_id2=1c582808-6c3f-4fb5-9893-3e3a5d4f48e6:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 17 Apr 2024 23:37:08 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.teamos.xyz
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

instrumenttactics.com/ae333e82cfaead9ba22e64954c139352/invoke.js

192.243.61.227

200 OK

12 kB

URL GET HTTP/1.1
instrumenttactics.com/ae333e82cfaead9ba22e64954c139352/invoke.js
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectinstrumenttactics.com
FingerprintB3:B4:C7:34:36:45:7C:C8:57:0A:23:0A:32:B1:C8:72:96:4D:85:25
ValidityThu, 14 Mar 2024 07:34:53 GMT - Wed, 12 Jun 2024 07:34:52 GMT

File type
JavaScript source, ASCII text, with very long lines (31292), with no line terminators
Size
12 kB (11840 bytes)
Hash
0583add19868dba9e2c251d46f060ccc
32612ab06233887a472302f07b81dde287865967
b7675570c27cf2c6f459f336473f6181d00e9f3c1cdc534a51de30d5d753765b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ae333e82cfaead9ba22e64954c139352/invoke.js HTTP/1.1
Host: instrumenttactics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 17 Apr 2024 23:37:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 218a9b1bcba1afc514b9480621e16644
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

secure.gravatar.com/avatar/847e8f32748307eb83936d65dcd58523?s=48

192.0.73.2

200 OK

2.0 kB

URL GET HTTP/2
secure.gravatar.com/avatar/847e8f32748307eb83936d65dcd58523?s=48
IP
192.0.73.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://www.teamos.xyz/
Certificate
IssuerSectigo Limited
Subject*.gravatar.com
Fingerprint28:34:17:4E:69:95:4B:B9:70:DF:D4:0F:AA:2C:8D:60:F2:45:E7:D0
ValidityTue, 05 Dec 2023 00:00:00 GMT - Sat, 04 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 48x48, components 3
Size
2.0 kB (1978 bytes)
Hash
85126f65e11ccf3d506cae02797ac9a3
8913489d899afa683043212fd369a8da7ff37772
a773483cd9e42bbd8e4af8d5e548f44e4bdb875cf718db022c34c4ff2d0f407e

HTTP Headers

GET /avatar/847e8f32748307eb83936d65dcd58523?s=48 HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 17 Apr 2024 23:37:09 GMT
content-type: image/jpeg
content-length: 1978
last-modified: Fri, 08 Mar 2013 11:46:09 GMT
link: <https://gravatar.com/avatar/847e8f32748307eb83936d65dcd58523?s=48>; rel="canonical"
content-disposition: inline; filename="847e8f32748307eb83936d65dcd58523.jpeg"
access-control-allow-origin: *
expires: Wed, 17 Apr 2024 23:42:09 GMT
cache-control: max-age=300
x-nc: HIT arn 1
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes
X-Firefox-Spdy: h2

www.teamos.xyz/data/assets/logo/TeamOS.png

172.67.143.25

200 OK

21 kB

URL GET HTTP/3
www.teamos.xyz/data/assets/logo/TeamOS.png
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint2A:28:06:EF:27:A1:67:20:BB:CB:86:C9:17:82:90:97:C8:E6:AB:06
ValidityMon, 19 Feb 2024 10:31:47 GMT - Sun, 19 May 2024 10:31:46 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
21 kB (20927 bytes)
Hash
86270c1741a9db8f95b7d6fdef2c62b4
17a3a90ec7e9d33dd84a77509446bf64d73d2e9e
83c1feff94030b6ddf0e2105ef24f444520c4e0fe3a0e6bf618eced3d2725bd2

HTTP Headers

GET /data/assets/logo/TeamOS.png HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=eMl7ydUlDoF8AyJr; xf_session=y_jGkVkLDd4te7K6bvTJ8EtMHWOFOOGW; dom3ic8zudi28v8lr6fgphwffqoz0j6c=1c582808-6c3f-4fb5-9893-3e3a5d4f48e6%3A1%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:37:09 GMT
content-type: image/png
content-length: 20927
last-modified: Fri, 14 May 2021 15:05:04 GMT
etag: "609e91a0-51bf"
strict-transport-security: max-age=15768000
cache-control: max-age=31536000
cf-cache-status: HIT
age: 6256
accept-ranges: bytes
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2B%2BIBDF%2BF3fSD2M2PHkOc89ec%2FZNCTnJR1LxPXRQTizVgKVBCR2s%2B5%2BanVsfpiPRlw91snLHAwvSVTLEPCze1ZORe4bnfD53gBfccpbcIEV2OGOKg8CMQWQgIynwEajHZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87603dcafd4556c7-OSL
alt-svc: h3=":443"; ma=86400

duesirresponsible.com/ntv.json?key=7326f362b41f2b6bdb387bd9014ae95b&vstc=4

192.243.59.13

200 OK

18 kB

URL GET HTTP/1.1
duesirresponsible.com/ntv.json?key=7326f362b41f2b6bdb387bd9014ae95b&vstc=4
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectduesirresponsible.com
Fingerprint40:76:4A:BB:57:E2:6D:45:F5:E5:95:D9:A2:CA:F8:85:D4:8E:6F:C1
ValidityTue, 16 Apr 2024 09:53:48 GMT - Mon, 15 Jul 2024 09:53:47 GMT

File type
JSON text data
Size
18 kB (17661 bytes)
Hash
b9d55341acc940f34ea8ec1b8436bcf3
4b0bf94fc32eaa0de02db38508d2999504c43fef
228fba252045d54ed2e09ea2f7d0750a558cf50f47ba9782e544e717835790f0

HTTP Headers

GET /ntv.json?key=7326f362b41f2b6bdb387bd9014ae95b&vstc=4 HTTP/1.1
Host: duesirresponsible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 17 Apr 2024 23:37:09 GMT
Content-Type: application/json
Content-Length: 17661
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.teamos.xyz
Access-Control-Allow-Origin: https://www.teamos.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17773605; expires=Thu, 18 Apr 2024 23:37:09 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 18 Apr 2024 23:37:09 GMT; secure; SameSite=None
uncs=1; expires=Thu, 18 Apr 2024 23:37:09 GMT; secure; SameSite=None
pdhtkv49=true; expires=Thu, 18 Apr 2024 23:37:09 GMT; secure; SameSite=None
uncs49=1; expires=Thu, 18 Apr 2024 23:37:09 GMT; secure; SameSite=None
nlec7326f362b41f2b6bdb387bd9014ae95b=[4991490,4991489,4991488]; expires=Wed, 17 Apr 2024 23:37:14 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 012c6300eec650d772ab39a67c97fdfc
Strict-Transport-Security: max-age=0; includeSubdomains

www.teamos.xyz/cdn-cgi/rum?

172.67.143.25

204 No Content

0 B

URL POST HTTP/3
www.teamos.xyz/cdn-cgi/rum?
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint2A:28:06:EF:27:A1:67:20:BB:CB:86:C9:17:82:90:97:C8:E6:AB:06
ValidityMon, 19 Feb 2024 10:31:47 GMT - Sun, 19 May 2024 10:31:46 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1042
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=eMl7ydUlDoF8AyJr; xf_session=y_jGkVkLDd4te7K6bvTJ8EtMHWOFOOGW; dom3ic8zudi28v8lr6fgphwffqoz0j6c=1c582808-6c3f-4fb5-9893-3e3a5d4f48e6%3A1%3A1; pp_main_a1e8916f3df739635783bc00fa07bfe6=1; m5a4xojbcp2nx3gptmm633qal3gzmadn=duesirresponsible.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Wed, 17 Apr 2024 23:37:09 GMT
access-control-allow-origin: https://www.teamos.xyz
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 87603dcbed9c56c7-OSL
x-frame-options: DENY
x-content-type-options: nosniff

packageeyeball.com/watch.1327929840233.js?key=ae333e82cfaead9ba22e64954c139352&kw=%5B%22team%22%2C%22os%22%2C%22your%22%2C%22only%22%2C%22destination%22%2C%22to%22%2C%22custom%22%2C%22os%22%5D&refer=https%3A%2F%2Fwww.teamos.xyz%2F&tz=0&dev=e&res=14.2071&uuid=1c582808-6c3f-4fb5-9893-3e3a5d4f48e6%3A1%3A1

192.243.59.20

307 Temporary Redirect

0 B

URL GET HTTP/1.1
packageeyeball.com/watch.1327929840233.js?key=ae333e82cfaead9ba22e64954c139352&kw=%5B%22team%22%2C%22os%22%2C%22your%22%2C%22only%22%2C%22destination%22%2C%22to%22%2C%22custom%22%2C%22os%22%5D&refer=https%3A%2F%2Fwww.teamos.xyz%2F&tz=0&dev=e&res=14.2071&uuid=1c582808-6c3f-4fb5-9893-3e3a5d4f48e6%3A1%3A1
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectpackageeyeball.com
FingerprintE4:11:98:44:04:E3:53:B7:30:18:6D:29:77:26:E3:AC:0D:5D:80:08
ValidityTue, 16 Apr 2024 14:05:38 GMT - Mon, 15 Jul 2024 14:05:37 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.1327929840233.js?key=ae333e82cfaead9ba22e64954c139352&kw=%5B%22team%22%2C%22os%22%2C%22your%22%2C%22only%22%2C%22destination%22%2C%22to%22%2C%22custom%22%2C%22os%22%5D&refer=https%3A%2F%2Fwww.teamos.xyz%2F&tz=0&dev=e&res=14.2071&uuid=1c582808-6c3f-4fb5-9893-3e3a5d4f48e6%3A1%3A1 HTTP/1.1
Host: packageeyeball.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Wed, 17 Apr 2024 23:37:09 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.teamos.xyz
Access-Control-Allow-Origin: https://www.teamos.xyz
Access-Control-Allow-Credentials: true
Location: https://packageeyeball.com/watch.1327929840233.js?dev=e&key=ae333e82cfaead9ba22e64954c139352&kw=%5B%22team%22%2C%22os%22%2C%22your%22%2C%22only%22%2C%22destination%22%2C%22to%22%2C%22custom%22%2C%22os%22%5D&pst=1713397089&refer=https%3A%2F%2Fwww.teamos.xyz%2F&res=14.2071&rmtc=t&shu=379e5cbcd88e4d3e749d7a548f1f509e730b06a856de5a138d19bafa4be2664a219ae84f16ea2cb8dc8e8581d89ee6591069af4f65833fd8b2e382aec03a22a6eac8954ab3d5b7d345a89eaa291f88ea43337df947227bb2719e5215effb07&tz=0&uuid=1c582808-6c3f-4fb5-9893-3e3a5d4f48e6%3A1%3A1
Set-Cookie: u_pl=17155452; expires=Thu, 18 Apr 2024 23:37:09 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzE1NTQ1MiwiayI6ImFlMzMzZTgyY2ZhZWFkOWJhMjJlNjQ5NTRjMTM5MzUyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODMyNTYxLCJwaWQiOjM4NzE4NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOCwiYWlkIjoyMywicHQiOjQsInBrIjoiYXM3MnhuaXRqIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnRlYW1vcy54eXovIiwiYXIiOltdfX0.vK4tJsWTw5CV2VlEaDdK8WeL0wD9fKt6UhZ2fr9PJ1M; expires=Wed, 17 Apr 2024 23:38:09 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ac14fb1da948a95a395778ab6fc129d2
Strict-Transport-Security: max-age=0; includeSubdomains

www.googletagmanager.com/gtag/js?id=G-ZMK4J7B2XT&l=dataLayer&cx=c

142.250.74.40

200 OK

88 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-ZMK4J7B2XT&l=dataLayer&cx=c
IP
142.250.74.40:443
ASN
#15169 GOOGLE

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
88 kB (88213 bytes)
Hash
69d6817ebf6e6186ed9934bbd0910212
ba9eaacce34d55b881f00ae1026a68ec9db50145
d6f5f35adf2b713129ff8adb24bdd8b6b7276aab952261808d5ac4c8586190fb

HTTP Headers

GET /gtag/js?id=G-ZMK4J7B2XT&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 17 Apr 2024 23:37:09 GMT
expires: Wed, 17 Apr 2024 23:37:09 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88213
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

duesirresponsible.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRSuXseLgmLIbS9zWdBFJt09k56Me1iMMUtw3Ky7il5Eqrp6JmWqu9qqrunJCBJckD3JCF701Pkm2eC6LPoDXGSyIBIQ0p5y2IA370LO0mNw9EH3%2B773vYbvvddf7Nkz4sPS07W31UhISZeWG2795Q8871q9KxI7rA9Xgo%2BC1rW6HrzWCRruK%2FUbUbitlnzXc13P9errQkc9NVyqRIj0YcdrdNxGy294yy0M9f%2B5sQ4MdcAHZ2QBgpe1J84iRDhFEv%2BwFpntTKWvvhlbSTOlMeCH7yXbicoTxHPY0w56yeFFN5Q5WX8MlRzM7EIN%2Fm1koiTOL4%2FBksMLk2CD%2FZlPJhElYPx55IMpIjmFoFOE6i4EPyFAyHFzE0l8%2F6bSOd35R6WVWpLa%2BV8QeUlqTxeRxI9WpRjW7yhpM6ESg2GvgBhOIfpTpPYI2egSRH6EMPscgv9Gls67SOL9TSMVBC9mswsxhehNIaMxqHFgq0c4sD0HNnUQ89N66Hle2%2BUhdVc6Ydjk7YgF3PVou%2BdRzw1WYMPK3hhZOkYoxwj1LlK9i23x1cnyArT9GWargOEOTFYS551dDHiBPCLIDUFOCXJBkGcE%2BaA44NL4prjPpbHMu8j%2BRW4WE5X19%2BiByvpRQkD1GJoXe%2BkZealakfNi6wq2o9N6u%2BkHvWbgs5bX81nAOGuutBnvuF6LRp1lBiMKCHNpNvVIlOTy%2BSdIRUme%2FTMFo0cw8gihWAC1HmhegG4VGCUPsojGyjSGOyNwVSDNash2nD15Ri7PTtS9eglReHw9G%2F1x49Hipwh1gVQX%2BFg8IejLe5PbKif7t1VuyI%2BbaSZiMaLV%2Be5kNIueefBWtJMrzTfWzPi718NKqODDdyOTdWnCRdI35PtVwXmk15UOI%2FLThnk%2FYres2Vq1OrFp99Yb6xtxqiNjhEqmoKIkteMdhKIkLzz9bPZnXrVfQugptC0Q22NyERDqCGG6C5POa0YRaDnnLHWQ22KifTYvSkEgozmnrID5D2dzPNG0%2BpqKYs%2FcQ1%2FXQLO7SOICA11gIAtQOYaxz02yVB9f%2F%2FWbKr4Fk7UJk7q2z6SWX8%2FWXJKu%2BL1CTvUiMKK6etOlQWfZa7dp1GYtf6UXeJxSvxX4QUCbyEzZq3945W8AAAD%2F%2FwEAAP%2F%2FdNxGMH0EAAA%3D

192.243.59.13

200 OK

7 B

URL GET HTTP/1.1
duesirresponsible.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRSuXseLgmLIbS9zWdBFJt09k56Me1iMMUtw3Ky7il5Eqrp6JmWqu9qqrunJCBJckD3JCF701Pkm2eC6LPoDXGSyIBIQ0p5y2IA370LO0mNw9EH3%2B773vYbvvddf7Nkz4sPS07W31UhISZeWG2795Q8871q9KxI7rA9Xgo%2BC1rW6HrzWCRruK%2FUbUbitlnzXc13P9errQkc9NVyqRIj0YcdrdNxGy294yy0M9f%2B5sQ4MdcAHZ2QBgpe1J84iRDhFEv%2BwFpntTKWvvhlbSTOlMeCH7yXbicoTxHPY0w56yeFFN5Q5WX8MlRzM7EIN%2Fm1koiTOL4%2FBksMLk2CD%2FZlPJhElYPx55IMpIjmFoFOE6i4EPyFAyHFzE0l8%2F6bSOd35R6WVWpLa%2BV8QeUlqTxeRxI9WpRjW7yhpM6ESg2GvgBhOIfpTpPYI2egSRH6EMPscgv9Gls67SOL9TSMVBC9mswsxhehNIaMxqHFgq0c4sD0HNnUQ89N66Hle2%2BUhdVc6Ydjk7YgF3PVou%2BdRzw1WYMPK3hhZOkYoxwj1LlK9i23x1cnyArT9GWargOEOTFYS551dDHiBPCLIDUFOCXJBkGcE%2BaA44NL4prjPpbHMu8j%2BRW4WE5X19%2BiByvpRQkD1GJoXe%2BkZealakfNi6wq2o9N6u%2BkHvWbgs5bX81nAOGuutBnvuF6LRp1lBiMKCHNpNvVIlOTy%2BSdIRUme%2FTMFo0cw8gihWAC1HmhegG4VGCUPsojGyjSGOyNwVSDNash2nD15Ri7PTtS9eglReHw9G%2F1x49Hipwh1gVQX%2BFg8IejLe5PbKif7t1VuyI%2BbaSZiMaLV%2Be5kNIueefBWtJMrzTfWzPi718NKqODDdyOTdWnCRdI35PtVwXmk15UOI%2FLThnk%2FYres2Vq1OrFp99Yb6xtxqiNjhEqmoKIkteMdhKIkLzz9bPZnXrVfQugptC0Q22NyERDqCGG6C5POa0YRaDnnLHWQ22KifTYvSkEgozmnrID5D2dzPNG0%2BpqKYs%2FcQ1%2FXQLO7SOICA11gIAtQOYaxz02yVB9f%2F%2FWbKr4Fk7UJk7q2z6SWX8%2FWXJKu%2BL1CTvUiMKK6etOlQWfZa7dp1GYtf6UXeJxSvxX4QUCbyEzZq3945W8AAAD%2F%2FwEAAP%2F%2FdNxGMH0EAAA%3D
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectduesirresponsible.com
Fingerprint40:76:4A:BB:57:E2:6D:45:F5:E5:95:D9:A2:CA:F8:85:D4:8E:6F:C1
ValidityTue, 16 Apr 2024 09:53:48 GMT - Mon, 15 Jul 2024 09:53:47 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRSuXseLgmLIbS9zWdBFJt09k56Me1iMMUtw3Ky7il5Eqrp6JmWqu9qqrunJCBJckD3JCF701Pkm2eC6LPoDXGSyIBIQ0p5y2IA370LO0mNw9EH3%2B773vYbvvddf7Nkz4sPS07W31UhISZeWG2795Q8871q9KxI7rA9Xgo%2BC1rW6HrzWCRruK%2FUbUbitlnzXc13P9errQkc9NVyqRIj0YcdrdNxGy294yy0M9f%2B5sQ4MdcAHZ2QBgpe1J84iRDhFEv%2BwFpntTKWvvhlbSTOlMeCH7yXbicoTxHPY0w56yeFFN5Q5WX8MlRzM7EIN%2Fm1koiTOL4%2FBksMLk2CD%2FZlPJhElYPx55IMpIjmFoFOE6i4EPyFAyHFzE0l8%2F6bSOd35R6WVWpLa%2BV8QeUlqTxeRxI9WpRjW7yhpM6ESg2GvgBhOIfpTpPYI2egSRH6EMPscgv9Gls67SOL9TSMVBC9mswsxhehNIaMxqHFgq0c4sD0HNnUQ89N66Hle2%2BUhdVc6Ydjk7YgF3PVou%2BdRzw1WYMPK3hhZOkYoxwj1LlK9i23x1cnyArT9GWargOEOTFYS551dDHiBPCLIDUFOCXJBkGcE%2BaA44NL4prjPpbHMu8j%2BRW4WE5X19%2BiByvpRQkD1GJoXe%2BkZealakfNi6wq2o9N6u%2BkHvWbgs5bX81nAOGuutBnvuF6LRp1lBiMKCHNpNvVIlOTy%2BSdIRUme%2FTMFo0cw8gihWAC1HmhegG4VGCUPsojGyjSGOyNwVSDNash2nD15Ri7PTtS9eglReHw9G%2F1x49Hipwh1gVQX%2BFg8IejLe5PbKif7t1VuyI%2BbaSZiMaLV%2Be5kNIueefBWtJMrzTfWzPi718NKqODDdyOTdWnCRdI35PtVwXmk15UOI%2FLThnk%2FYres2Vq1OrFp99Yb6xtxqiNjhEqmoKIkteMdhKIkLzz9bPZnXrVfQugptC0Q22NyERDqCGG6C5POa0YRaDnnLHWQ22KifTYvSkEgozmnrID5D2dzPNG0%2BpqKYs%2FcQ1%2FXQLO7SOICA11gIAtQOYaxz02yVB9f%2F%2FWbKr4Fk7UJk7q2z6SWX8%2FWXJKu%2BL1CTvUiMKK6etOlQWfZa7dp1GYtf6UXeJxSvxX4QUCbyEzZq3945W8AAAD%2F%2FwEAAP%2F%2FdNxGMH0EAAA%3D HTTP/1.1
Host: duesirresponsible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: u_pl=17773605; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec7326f362b41f2b6bdb387bd9014ae95b=[4991490,4991489,4991488]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 17 Apr 2024 23:37:09 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4b96c540a35509016c7ec5e2df97a356
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.cloudimagesb.com/si/86/3f/08/863f08d585223246ad7d12f9b6d24043/1710839668.png

45.133.44.10

200 OK

105 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/86/3f/08/863f08d585223246ad7d12f9b6d24043/1710839668.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced
Size
105 kB (104949 bytes)
Hash
440d0ebcc9ae01aba77f74d9015ff0b3
9065b873ac93b45da1765682071eaaf6efe12e5c
7834596c29b94d74435163b3875c5042082912c1aff529986b0235cd9b7b27cc

HTTP Headers

GET /si/86/3f/08/863f08d585223246ad7d12f9b6d24043/1710839668.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 23:37:09 GMT
content-type: image/png
content-length: 104949
server: nginx/1.21.6
last-modified: Tue, 19 Mar 2024 09:14:37 GMT
etag: "65f9577d-199f5"
expires: Fri, 19 Apr 2024 23:37:09 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/e9/da/82/e9da827390d381c33b5846be1806166e/1708428556.jpg

45.133.44.10

200 OK

20 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/e9/da/82/e9da827390d381c33b5846be1806166e/1708428556.jpg
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3
Size
20 kB (19450 bytes)
Hash
5d89286c28832545cbdc4f9a8e770088
466dee9443e684d9a938229bb16d2447e0ef68a3
b2d388f122d90b4e22bd2ee5570614b99f6edcbe6df84471c50c1e5b1351e1d4

HTTP Headers

GET /cti/e9/da/82/e9da827390d381c33b5846be1806166e/1708428556.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 23:37:09 GMT
content-type: image/jpeg
content-length: 19450
server: nginx/1.21.6
last-modified: Tue, 20 Feb 2024 11:29:24 GMT
etag: "65d48d14-4bfa"
expires: Fri, 19 Apr 2024 23:37:09 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

duesirresponsible.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwWskxReu3t%2F8LgqKIbe9zGVBF5l090x6Mu5hMcYswXGz7ip6Eanq6pmUqe5qq7qmJyNIcEH24GEEL3rqfJNscF0W%2FQNcZLIgEhDSnnLYgDfvQs7Ss8HRB8X7Xn2v4Hvvqy%2F27BnxYenp2ttqJKSkS8sNt%2F7yB553rd4ViR3WhyvBR0HrWl0PXusEDfeV%2Bo0o3FZLvuu5rud69XWho54aLlUkRPqw4zU6bqPlN7zlFob6v7WxDgx1wAdnZAGCl7UnziJEOEUS%2F7AWme1Mpa%2B%2BGVtJM6Ux4IfvJduJyhPEc9jTDnrJ4UU3lDlZfwyVHMzkQg3%2BaWSiJM4vj8GSwwuRYIP9mU4mESVg%2FHnkgykiOYWgU4TqLgQ%2FIUDIcXMTSXz%2FptI53XnG0ootSe38L4i8JLWni0jiR6tSDOt3lLSZUInBsFdADKcQ%2FSlSe4RsdAkiP0KYfQ7BfyNL510k8f6mkQqCF7PZhZhC9KaQ0RjUOLDVEQ5sz4FNHcT8tB56ntd2eUjdlU4YNnk7YgF3PdruedRzgxXYsJI3RpaOEcoxQr2LVO9iW3x1srwAbX%2BG2SpguAOTlcR5ZxcDXiCPCHJDkFOCXBDkGUE%2BKA64NL4p7nNpLPMusn%2BRm8VEZf09eqCyfpQQUD2G5sVeekZeqlbkvNi6gu3otN5u%2BkGvGfis5fV8FjDOmittxjuu16JRZ5nBiALCXJpNPRIluXz%2BCVJRkv%2F%2FmYLRIxh5hFAsgFoPNC9AtwqMkgdZRGNlGsOdEbgqkGY1ZDvOnjwjl2cWda8SROHx9Wz0x41Hi58i1AVSXeBj8YSgL%2B9Nbquc7N9WuSE%2FbqaZiMWIVvbdyWgW%2Fe%2FBW9FOrjTfWDPj714PK6KCD9%2BNTNalCRdJ35DvVwXnkV5XOozITxvm%2FYjdsmZr1erEpt1bb6xvxKmOjBEqmYKKktSOdxCKkrzw9LPZz7xqv4TQU2hbILbH5CIg1BHCdBcmnes3ikDLeQ9La8htMdE%2Bm19KQSCjeU1ZAfOvms3xRNPqNRXFnrmHvq6BZneRxAUGusBAFqByDGOfm2SpPr7%2B6zdVfAsmaxMmdW2fSS2%2FrtZ8qSRd8XuFnGdbN6JyvenSoLPstds0arOWv9ILPE6p3wr8IKBNZKbs1T%2B88jcAAAD%2F%2FwEAAP%2F%2FS9TUYn0EAAA%3D

192.243.59.13

200 OK

7 B

URL GET HTTP/1.1
duesirresponsible.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwWskxReu3t%2F8LgqKIbe9zGVBF5l090x6Mu5hMcYswXGz7ip6Eanq6pmUqe5qq7qmJyNIcEH24GEEL3rqfJNscF0W%2FQNcZLIgEhDSnnLYgDfvQs7Ss8HRB8X7Xn2v4Hvvqy%2F27BnxYenp2ttqJKSkS8sNt%2F7yB553rd4ViR3WhyvBR0HrWl0PXusEDfeV%2Bo0o3FZLvuu5rud69XWho54aLlUkRPqw4zU6bqPlN7zlFob6v7WxDgx1wAdnZAGCl7UnziJEOEUS%2F7AWme1Mpa%2B%2BGVtJM6Ux4IfvJduJyhPEc9jTDnrJ4UU3lDlZfwyVHMzkQg3%2BaWSiJM4vj8GSwwuRYIP9mU4mESVg%2FHnkgykiOYWgU4TqLgQ%2FIUDIcXMTSXz%2FptI53XnG0ootSe38L4i8JLWni0jiR6tSDOt3lLSZUInBsFdADKcQ%2FSlSe4RsdAkiP0KYfQ7BfyNL510k8f6mkQqCF7PZhZhC9KaQ0RjUOLDVEQ5sz4FNHcT8tB56ntd2eUjdlU4YNnk7YgF3PdruedRzgxXYsJI3RpaOEcoxQr2LVO9iW3x1srwAbX%2BG2SpguAOTlcR5ZxcDXiCPCHJDkFOCXBDkGUE%2BKA64NL4p7nNpLPMusn%2BRm8VEZf09eqCyfpQQUD2G5sVeekZeqlbkvNi6gu3otN5u%2BkGvGfis5fV8FjDOmittxjuu16JRZ5nBiALCXJpNPRIluXz%2BCVJRkv%2F%2FmYLRIxh5hFAsgFoPNC9AtwqMkgdZRGNlGsOdEbgqkGY1ZDvOnjwjl2cWda8SROHx9Wz0x41Hi58i1AVSXeBj8YSgL%2B9Nbquc7N9WuSE%2FbqaZiMWIVvbdyWgW%2Fe%2FBW9FOrjTfWDPj714PK6KCD9%2BNTNalCRdJ35DvVwXnkV5XOozITxvm%2FYjdsmZr1erEpt1bb6xvxKmOjBEqmYKKktSOdxCKkrzw9LPZz7xqv4TQU2hbILbH5CIg1BHCdBcmnes3ikDLeQ9La8htMdE%2Bm19KQSCjeU1ZAfOvms3xRNPqNRXFnrmHvq6BZneRxAUGusBAFqByDGOfm2SpPr7%2B6zdVfAsmaxMmdW2fSS2%2FrtZ8qSRd8XuFnGdbN6JyvenSoLPstds0arOWv9ILPE6p3wr8IKBNZKbs1T%2B88jcAAAD%2F%2FwEAAP%2F%2FS9TUYn0EAAA%3D
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectduesirresponsible.com
Fingerprint40:76:4A:BB:57:E2:6D:45:F5:E5:95:D9:A2:CA:F8:85:D4:8E:6F:C1
ValidityTue, 16 Apr 2024 09:53:48 GMT - Mon, 15 Jul 2024 09:53:47 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSwWskxReu3t%2F8LgqKIbe9zGVBF5l090x6Mu5hMcYswXGz7ip6Eanq6pmUqe5qq7qmJyNIcEH24GEEL3rqfJNscF0W%2FQNcZLIgEhDSnnLYgDfvQs7Ss8HRB8X7Xn2v4Hvvqy%2F27BnxYenp2ttqJKSkS8sNt%2F7yB553rd4ViR3WhyvBR0HrWl0PXusEDfeV%2Bo0o3FZLvuu5rud69XWho54aLlUkRPqw4zU6bqPlN7zlFob6v7WxDgx1wAdnZAGCl7UnziJEOEUS%2F7AWme1Mpa%2B%2BGVtJM6Ux4IfvJduJyhPEc9jTDnrJ4UU3lDlZfwyVHMzkQg3%2BaWSiJM4vj8GSwwuRYIP9mU4mESVg%2FHnkgykiOYWgU4TqLgQ%2FIUDIcXMTSXz%2FptI53XnG0ootSe38L4i8JLWni0jiR6tSDOt3lLSZUInBsFdADKcQ%2FSlSe4RsdAkiP0KYfQ7BfyNL510k8f6mkQqCF7PZhZhC9KaQ0RjUOLDVEQ5sz4FNHcT8tB56ntd2eUjdlU4YNnk7YgF3PdruedRzgxXYsJI3RpaOEcoxQr2LVO9iW3x1srwAbX%2BG2SpguAOTlcR5ZxcDXiCPCHJDkFOCXBDkGUE%2BKA64NL4p7nNpLPMusn%2BRm8VEZf09eqCyfpQQUD2G5sVeekZeqlbkvNi6gu3otN5u%2BkGvGfis5fV8FjDOmittxjuu16JRZ5nBiALCXJpNPRIluXz%2BCVJRkv%2F%2FmYLRIxh5hFAsgFoPNC9AtwqMkgdZRGNlGsOdEbgqkGY1ZDvOnjwjl2cWda8SROHx9Wz0x41Hi58i1AVSXeBj8YSgL%2B9Nbquc7N9WuSE%2FbqaZiMWIVvbdyWgW%2Fe%2FBW9FOrjTfWDPj714PK6KCD9%2BNTNalCRdJ35DvVwXnkV5XOozITxvm%2FYjdsmZr1erEpt1bb6xvxKmOjBEqmYKKktSOdxCKkrzw9LPZz7xqv4TQU2hbILbH5CIg1BHCdBcmnes3ikDLeQ9La8htMdE%2Bm19KQSCjeU1ZAfOvms3xRNPqNRXFnrmHvq6BZneRxAUGusBAFqByDGOfm2SpPr7%2B6zdVfAsmaxMmdW2fSS2%2FrtZ8qSRd8XuFnGdbN6JyvenSoLPstds0arOWv9ILPE6p3wr8IKBNZKbs1T%2B88jcAAAD%2F%2FwEAAP%2F%2FS9TUYn0EAAA%3D HTTP/1.1
Host: duesirresponsible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: u_pl=17773605; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec7326f362b41f2b6bdb387bd9014ae95b=[4991490,4991489,4991488]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 17 Apr 2024 23:37:10 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c977ecf16fe79d8e763e963b3c0ea5fd
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.cloudimagesb.com/si/62/f3/af/62f3afd73bea7438e3cb091f669622ff/1710839646.png

45.133.44.10

200 OK

120 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/62/f3/af/62f3afd73bea7438e3cb091f669622ff/1710839646.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced
Size
120 kB (119965 bytes)
Hash
c5a83c3079df6439410f74f3e8de6930
66dab231922cc92db7c41f49d7bdb7da1dfde08a
ee0745b5678c7e4277047ba8f87d53ee77e60a4985dace65c73b970521dbf1f8

HTTP Headers

GET /si/62/f3/af/62f3afd73bea7438e3cb091f669622ff/1710839646.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 23:37:09 GMT
content-type: image/png
content-length: 119965
server: nginx/1.21.6
last-modified: Tue, 19 Mar 2024 09:14:15 GMT
etag: "65f95767-1d49d"
expires: Fri, 19 Apr 2024 23:37:09 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/si/df/e4/cd/dfe4cd324c2c05ad9bd4f1bcb4d0a97d/1707940211.png

45.133.44.10

200 OK

184 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/df/e4/cd/dfe4cd324c2c05ad9bd4f1bcb4d0a97d/1707940211.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced
Size
184 kB (183812 bytes)
Hash
adc709f858c8b4ff4ce26a2757b75131
c91b170aba4aafdca5690d29e17f61b6505e15c1
ad475e95022da6d65aec3479ad3b4ff6d36dc85bbc634d750cdd575ea1a985ce

HTTP Headers

GET /si/df/e4/cd/dfe4cd324c2c05ad9bd4f1bcb4d0a97d/1707940211.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 23:37:09 GMT
content-type: image/png
content-length: 183812
server: nginx/1.21.6
last-modified: Wed, 14 Feb 2024 19:50:20 GMT
etag: "65cd197c-2ce04"
expires: Fri, 19 Apr 2024 23:37:09 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

packageeyeball.com/watch.1327929840233.js?dev=e&key=ae333e82cfaead9ba22e64954c139352&kw=%5B%22team%22%2C%22os%22%2C%22your%22%2C%22only%22%2C%22destination%22%2C%22to%22%2C%22custom%22%2C%22os%22%5D&pst=1713397089&refer=https%3A%2F%2Fwww.teamos.xyz%2F&res=14.2071&rmtc=t&shu=379e5cbcd88e4d3e749d7a548f1f509e730b06a856de5a138d19bafa4be2664a219ae84f16ea2cb8dc8e8581d89ee6591069af4f65833fd8b2e382aec03a22a6eac8954ab3d5b7d345a89eaa291f88ea43337df947227bb2719e5215effb07&tz=0&uuid=1c582808-6c3f-4fb5-9893-3e3a5d4f48e6%3A1%3A1

192.243.59.20

200 OK

2.0 kB

URL GET HTTP/1.1
packageeyeball.com/watch.1327929840233.js?dev=e&key=ae333e82cfaead9ba22e64954c139352&kw=%5B%22team%22%2C%22os%22%2C%22your%22%2C%22only%22%2C%22destination%22%2C%22to%22%2C%22custom%22%2C%22os%22%5D&pst=1713397089&refer=https%3A%2F%2Fwww.teamos.xyz%2F&res=14.2071&rmtc=t&shu=379e5cbcd88e4d3e749d7a548f1f509e730b06a856de5a138d19bafa4be2664a219ae84f16ea2cb8dc8e8581d89ee6591069af4f65833fd8b2e382aec03a22a6eac8954ab3d5b7d345a89eaa291f88ea43337df947227bb2719e5215effb07&tz=0&uuid=1c582808-6c3f-4fb5-9893-3e3a5d4f48e6%3A1%3A1
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectpackageeyeball.com
FingerprintE4:11:98:44:04:E3:53:B7:30:18:6D:29:77:26:E3:AC:0D:5D:80:08
ValidityTue, 16 Apr 2024 14:05:38 GMT - Mon, 15 Jul 2024 14:05:37 GMT

File type
JavaScript source, ASCII text, with very long lines (2430)
Size
2.0 kB (1977 bytes)
Hash
18696f31fe196db45386e322c1c056ab
f1a5d4366c254b94f9d53fbc1a6b99d9bd0e712e
989a88abdf1de72dabf43319affdc7e35d75d2bd53e50ca14ec6130e18871d68

HTTP Headers

GET /watch.1327929840233.js?dev=e&key=ae333e82cfaead9ba22e64954c139352&kw=%5B%22team%22%2C%22os%22%2C%22your%22%2C%22only%22%2C%22destination%22%2C%22to%22%2C%22custom%22%2C%22os%22%5D&pst=1713397089&refer=https%3A%2F%2Fwww.teamos.xyz%2F&res=14.2071&rmtc=t&shu=379e5cbcd88e4d3e749d7a548f1f509e730b06a856de5a138d19bafa4be2664a219ae84f16ea2cb8dc8e8581d89ee6591069af4f65833fd8b2e382aec03a22a6eac8954ab3d5b7d345a89eaa291f88ea43337df947227bb2719e5215effb07&tz=0&uuid=1c582808-6c3f-4fb5-9893-3e3a5d4f48e6%3A1%3A1 HTTP/1.1
Host: packageeyeball.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.teamos.xyz
Referer: https://www.teamos.xyz/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17155452; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzE1NTQ1MiwiayI6ImFlMzMzZTgyY2ZhZWFkOWJhMjJlNjQ5NTRjMTM5MzUyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODMyNTYxLCJwaWQiOjM4NzE4NCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOCwiYWlkIjoyMywicHQiOjQsInBrIjoiYXM3MnhuaXRqIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnRlYW1vcy54eXovIiwiYXIiOltdfX0.vK4tJsWTw5CV2VlEaDdK8WeL0wD9fKt6UhZ2fr9PJ1M
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 17 Apr 2024 23:37:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.teamos.xyz
Access-Control-Allow-Origin: https://www.teamos.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=1c582808-6c3f-4fb5-9893-3e3a5d4f48e6:1:1; expires=Wed, 24 Apr 2024 23:37:10 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 18 Apr 2024 23:37:10 GMT; secure; SameSite=None
uncs=1; expires=Thu, 18 Apr 2024 23:37:10 GMT; secure; SameSite=None
pdhtkv23=true; expires=Thu, 18 Apr 2024 23:37:10 GMT; secure; SameSite=None
uncs23=1; expires=Thu, 18 Apr 2024 23:37:10 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 55e279df77ad1991f690946a1551f571
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.teamos.xyz/js/xf/notice.min.js?_v=099e916e

172.67.143.25

200 OK

1.5 kB

URL GET HTTP/3
www.teamos.xyz/js/xf/notice.min.js?_v=099e916e
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint2A:28:06:EF:27:A1:67:20:BB:CB:86:C9:17:82:90:97:C8:E6:AB:06
ValidityMon, 19 Feb 2024 10:31:47 GMT - Sun, 19 May 2024 10:31:46 GMT

File type
JavaScript source, ASCII text, with very long lines (525)
Size
1.5 kB (1529 bytes)
Hash
b725cc9681612e5c4a6de094bbe33bd9
c2bd0760c401cf86e15fc2b941b14fa7901633e3
a5dcfd1d44af85302c19886c111e277273cca860febaae5f8cdb0de61733b44b

HTTP Headers

GET /js/xf/notice.min.js?_v=099e916e HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=eMl7ydUlDoF8AyJr; xf_session=y_jGkVkLDd4te7K6bvTJ8EtMHWOFOOGW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:37:08 GMT
content-type: application/javascript
last-modified: Thu, 08 Dec 2022 23:00:00 GMT
vary: Accept-Encoding
etag: W/"63926c70-e4e"
expires: Fri, 19 Apr 2024 08:41:06 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 483906
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=svMr52zu1YD8Ji5oPL45a0nrI49zGN5bJfTxFYxLtLV0a2TAafAcuDiJBoShigT7W8%2BoBn9bLMgX8tIkl4tDmxKty50N67UJ1lVvWnRW9Zpl3K3bxsOZc2FvBi8YmPcUUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87603dc188d956c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

duesirresponsible.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwWskxReu3p3f5Scohtz2MpcFXWTS3TPpybiHxRizBMfNuqvoRaSqq2dSprqrreqanowgwQXZizCCFz11vkk2uC6L%2FgEuMlkQCQhpTzlswJt3IWfpMTj6oPu9V98r%2BN731ed79oz4sPR07S01ElLSpeWGW3%2Fpfc%2B7Xu%2BKxA7rw5Xgw6B1va4Hr3aChvty%2FWYUbqsl3%2FVc13O9%2BrrQUU8NlyoQIn3U8Rodt9HyG95yC0P9395YB4Y64IMzsgDBy9pTZxEinCKJv1%2BLzHam0lfeiK2kmdIY8MN3k%2B1E5QniednTDnrJ4cU0lDlZfwKVHMzoQg3%2BGWSiJM7PT8CSwwuSYIP9GU8mESVg%2FDnkgykiOYWgU4TqHgQ%2FIUDIcWsTSfzgltI53fkbpRVaktr5nxB5SWrPFpHEj1elGNbvKmkzoRKDYa%2BAGE4h%2BlOk9gjZ6BJEfoQw%2BwyC%2F0qWzrtI4v1NIxUEL2a7CzGF6E0hozGocWCrTziwPQc2dRDz03roeV7b5SF1Vzph2OTtiAXc9Wi751HPDVZgw4reGFk6RijHCPUuUr2LbfHlyfICtP0JZquA4Q5MVhLn7V0MeIE8IsgNQU4JckGQZwT5oDjg0vimeMClscy7yP5FbhYTlfX36IHK%2BlFCQPUYmhd76Rl5sZLIeaF1FdvRab3d9INeM%2FBZy%2Bv5LGCcNVfajHdcr0WjzjKDEQWEuTTbeiRKcuX8Y6SiJP%2F7IwWjRzDyCKFYALUeaF6AbhUYJQ%2BziMbKNIY7I3BVIM1qyHacPXlGrsws6l5zEIXHN7LR7zcfL36CUBdIdYGPxFOCvrw%2FuaNysn9H5Yb8sJlmIhYjWtl3N6NZdPnhm9FOrjTfWDPjb18LK6AqH70TmaxLEy6SviHfrQrOI72udBiRHzfMexG7bc3WqtWJTbu3X1%2FfiFMdGSNUMgUVJakd7yAUJXn%2B2aezl3nNfgGhp9C2QGyPyUVAqCOE6S5MOudvFIGW8xmWXkZui4n22fxQCgIZzXvKCph%2F9WxeTzStblNR7Jn76OsaaHYPSVxgoAsMZAEqxzD2%2F5Ms1cc3fvm6im%2FAZG3CpK7tM6nlV5XMl0rSFb%2FNBK9%2BBEZUrjddGnSWvXabRm3W8ld6gccp9VuBHwS0icyUvfoHV%2F8CAAD%2F%2FwEAAP%2F%2FURspC30EAAA%3D

192.243.59.12

200 OK

7 B

URL GET HTTP/1.1
duesirresponsible.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwWskxReu3p3f5Scohtz2MpcFXWTS3TPpybiHxRizBMfNuqvoRaSqq2dSprqrreqanowgwQXZizCCFz11vkk2uC6L%2FgEuMlkQCQhpTzlswJt3IWfpMTj6oPu9V98r%2BN731ed79oz4sPR07S01ElLSpeWGW3%2Fpfc%2B7Xu%2BKxA7rw5Xgw6B1va4Hr3aChvty%2FWYUbqsl3%2FVc13O9%2BrrQUU8NlyoQIn3U8Rodt9HyG95yC0P9395YB4Y64IMzsgDBy9pTZxEinCKJv1%2BLzHam0lfeiK2kmdIY8MN3k%2B1E5QniednTDnrJ4cU0lDlZfwKVHMzoQg3%2BGWSiJM7PT8CSwwuSYIP9GU8mESVg%2FDnkgykiOYWgU4TqHgQ%2FIUDIcWsTSfzgltI53fkbpRVaktr5nxB5SWrPFpHEj1elGNbvKmkzoRKDYa%2BAGE4h%2BlOk9gjZ6BJEfoQw%2BwyC%2F0qWzrtI4v1NIxUEL2a7CzGF6E0hozGocWCrTziwPQc2dRDz03roeV7b5SF1Vzph2OTtiAXc9Wi751HPDVZgw4reGFk6RijHCPUuUr2LbfHlyfICtP0JZquA4Q5MVhLn7V0MeIE8IsgNQU4JckGQZwT5oDjg0vimeMClscy7yP5FbhYTlfX36IHK%2BlFCQPUYmhd76Rl5sZLIeaF1FdvRab3d9INeM%2FBZy%2Bv5LGCcNVfajHdcr0WjzjKDEQWEuTTbeiRKcuX8Y6SiJP%2F7IwWjRzDyCKFYALUeaF6AbhUYJQ%2BziMbKNIY7I3BVIM1qyHacPXlGrsws6l5zEIXHN7LR7zcfL36CUBdIdYGPxFOCvrw%2FuaNysn9H5Yb8sJlmIhYjWtl3N6NZdPnhm9FOrjTfWDPjb18LK6AqH70TmaxLEy6SviHfrQrOI72udBiRHzfMexG7bc3WqtWJTbu3X1%2FfiFMdGSNUMgUVJakd7yAUJXn%2B2aezl3nNfgGhp9C2QGyPyUVAqCOE6S5MOudvFIGW8xmWXkZui4n22fxQCgIZzXvKCph%2F9WxeTzStblNR7Jn76OsaaHYPSVxgoAsMZAEqxzD2%2F5Ms1cc3fvm6im%2FAZG3CpK7tM6nlV5XMl0rSFb%2FNBK9%2BBEZUrjddGnSWvXabRm3W8ld6gccp9VuBHwS0icyUvfoHV%2F8CAAD%2F%2FwEAAP%2F%2FURspC30EAAA%3D
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectduesirresponsible.com
Fingerprint40:76:4A:BB:57:E2:6D:45:F5:E5:95:D9:A2:CA:F8:85:D4:8E:6F:C1
ValidityTue, 16 Apr 2024 09:53:48 GMT - Mon, 15 Jul 2024 09:53:47 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSwWskxReu3p3f5Scohtz2MpcFXWTS3TPpybiHxRizBMfNuqvoRaSqq2dSprqrreqanowgwQXZizCCFz11vkk2uC6L%2FgEuMlkQCQhpTzlswJt3IWfpMTj6oPu9V98r%2BN731ed79oz4sPR07S01ElLSpeWGW3%2Fpfc%2B7Xu%2BKxA7rw5Xgw6B1va4Hr3aChvty%2FWYUbqsl3%2FVc13O9%2BrrQUU8NlyoQIn3U8Rodt9HyG95yC0P9395YB4Y64IMzsgDBy9pTZxEinCKJv1%2BLzHam0lfeiK2kmdIY8MN3k%2B1E5QniednTDnrJ4cU0lDlZfwKVHMzoQg3%2BGWSiJM7PT8CSwwuSYIP9GU8mESVg%2FDnkgykiOYWgU4TqHgQ%2FIUDIcWsTSfzgltI53fkbpRVaktr5nxB5SWrPFpHEj1elGNbvKmkzoRKDYa%2BAGE4h%2BlOk9gjZ6BJEfoQw%2BwyC%2F0qWzrtI4v1NIxUEL2a7CzGF6E0hozGocWCrTziwPQc2dRDz03roeV7b5SF1Vzph2OTtiAXc9Wi751HPDVZgw4reGFk6RijHCPUuUr2LbfHlyfICtP0JZquA4Q5MVhLn7V0MeIE8IsgNQU4JckGQZwT5oDjg0vimeMClscy7yP5FbhYTlfX36IHK%2BlFCQPUYmhd76Rl5sZLIeaF1FdvRab3d9INeM%2FBZy%2Bv5LGCcNVfajHdcr0WjzjKDEQWEuTTbeiRKcuX8Y6SiJP%2F7IwWjRzDyCKFYALUeaF6AbhUYJQ%2BziMbKNIY7I3BVIM1qyHacPXlGrsws6l5zEIXHN7LR7zcfL36CUBdIdYGPxFOCvrw%2FuaNysn9H5Yb8sJlmIhYjWtl3N6NZdPnhm9FOrjTfWDPjb18LK6AqH70TmaxLEy6SviHfrQrOI72udBiRHzfMexG7bc3WqtWJTbu3X1%2FfiFMdGSNUMgUVJakd7yAUJXn%2B2aezl3nNfgGhp9C2QGyPyUVAqCOE6S5MOudvFIGW8xmWXkZui4n22fxQCgIZzXvKCph%2F9WxeTzStblNR7Jn76OsaaHYPSVxgoAsMZAEqxzD2%2F5Ms1cc3fvm6im%2FAZG3CpK7tM6nlV5XMl0rSFb%2FNBK9%2BBEZUrjddGnSWvXabRm3W8ld6gccp9VuBHwS0icyUvfoHV%2F8CAAD%2F%2FwEAAP%2F%2FURspC30EAAA%3D HTTP/1.1
Host: duesirresponsible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: u_pl=17773605; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec7326f362b41f2b6bdb387bd9014ae95b=[4991490,4991489,4991488]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 17 Apr 2024 23:37:10 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b168435c72a9ed97acd7f3149fa5d165
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.cloudimagesb.com/cti/7c/04/44/7c0444251a208c4b25a9f37345ea257c/1707726227.png

45.133.44.10

200 OK

52 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/7c/04/44/7c0444251a208c4b25a9f37345ea257c/1707726227.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced
Size
52 kB (51699 bytes)
Hash
6f9c8f0a811fe6684703e7e8321071d7
08c5ba25136cb05a143795418627b3984625266e
38ac3942fbb44a32b90f8c8627411050c83ec492a678dc73f56e1866b75bce89

HTTP Headers

GET /cti/7c/04/44/7c0444251a208c4b25a9f37345ea257c/1707726227.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 17 Apr 2024 23:37:10 GMT
content-type: image/png
content-length: 51699
server: nginx/1.21.6
last-modified: Mon, 12 Feb 2024 08:23:57 GMT
etag: "65c9d59d-c9f3"
expires: Fri, 19 Apr 2024 23:37:10 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

444 B

URL
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
XML 1.0 document, ASCII text, with very long lines (332)
Size
444 B (444 bytes)
Hash
3b324dec137a87ef7e24a30a65b13dd0
c0faa95b2f1018e264b3a14aaf50d1003e6c27b3
6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463

HTTP Headers

GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-05-20-00-15-28.chain; p384ecdsa=3DGiCu5ClzwvOVqeeuiOMOCiCux2VBQzgbBkS0JtmLKSWuVCoRrmba8d7BGLblkvvLgfHRmabWDMDg0oG8E5ncTHuDs5iSImMBqK8ePyCqXE7Znu5QUh_pP3le1_idfe
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Wed, 17 Apr 2024 23:37:21 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 3
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

www.teamos.xyz/cdn-cgi/rum?

172.67.143.25

204 No Content

0 B

URL POST HTTP/3
www.teamos.xyz/cdn-cgi/rum?
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint2A:28:06:EF:27:A1:67:20:BB:CB:86:C9:17:82:90:97:C8:E6:AB:06
ValidityMon, 19 Feb 2024 10:31:47 GMT - Sun, 19 May 2024 10:31:46 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 454
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=eMl7ydUlDoF8AyJr; xf_session=y_jGkVkLDd4te7K6bvTJ8EtMHWOFOOGW; dom3ic8zudi28v8lr6fgphwffqoz0j6c=1c582808-6c3f-4fb5-9893-3e3a5d4f48e6%3A1%3A1; pp_main_a1e8916f3df739635783bc00fa07bfe6=1; _ga_ZMK4J7B2XT=GS1.1.1713397029.1.0.1713397029.0.0.0; _ga=GA1.1.273923352.1713397030
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 204 No Content
date: Wed, 17 Apr 2024 23:37:29 GMT
access-control-allow-origin: https://www.teamos.xyz
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 87603e498b5556c7-OSL
x-frame-options: DENY
x-content-type-options: nosniff

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:35:00 GMT
expires: Fri, 11 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 594128
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.teamos.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:35:00 GMT
expires: Fri, 11 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 594128
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

my.teamos.xyz/0013056f436a959f489668f299410597/announce7:comment39:Downloaded

172.67.143.25

302 Found

173 kB

URL User Request GET HTTP/2
my.teamos.xyz/0013056f436a959f489668f299410597/announce7:comment39:Downloaded
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint2A:28:06:EF:27:A1:67:20:BB:CB:86:C9:17:82:90:97:C8:E6:AB:06
ValidityMon, 19 Feb 2024 10:31:47 GMT - Sun, 19 May 2024 10:31:46 GMT

File type

Size
173 kB (173049 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /0013056f436a959f489668f299410597/announce7:comment39:Downloaded HTTP/1.1
Host: my.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Wed, 17 Apr 2024 23:37:06 GMT
location: https://teamos.xyz
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OuIU1oNBk2VoYZ1R%2FI5dRANM7reqJjt8AaM%2BkwklwB7BEF7ydP2ieMjB0kP%2BDy1BaDjM0dz38%2Fe2EwSI8ukhcwMd%2BWyV5YBTRyf2bkQHuYXLvtsL%2BO6oiPiIdbmGBbev"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87603db51cf40afa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

teamos.xyz/

172.67.143.25

301 Moved Permanently

173 kB

URL User Request GET HTTP/3
teamos.xyz/
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint2A:28:06:EF:27:A1:67:20:BB:CB:86:C9:17:82:90:97:C8:E6:AB:06
ValidityMon, 19 Feb 2024 10:31:47 GMT - Sun, 19 May 2024 10:31:46 GMT

File type

Size
173 kB (173049 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 301 Moved Permanently
date: Wed, 17 Apr 2024 23:37:06 GMT
content-type: text/html
location: https://www.teamos.xyz/
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
priority: u=1,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wa%2BIwVaxDaVRcWODTA%2FPdPYSyZ8qNIrepkgxALd045klY1Y0kVJLIJrv5JRQ4Mj8OC1W%2BkuweqW970r1hZcTFZR0BHg8nIeTBDK2ZiyxSPaWX3gdKWun7M4FprB3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87603db5bc5456c7-OSL
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/

172.67.143.25

200 OK

173 kB

URL User Request GET HTTP/3
www.teamos.xyz/
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint2A:28:06:EF:27:A1:67:20:BB:CB:86:C9:17:82:90:97:C8:E6:AB:06
ValidityMon, 19 Feb 2024 10:31:47 GMT - Sun, 19 May 2024 10:31:46 GMT

File type

Size
173 kB (173049 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:37:06 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
last-modified: Wed, 17 Apr 2024 23:37:06 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: private, no-cache, max-age=0
vary: Accept-Encoding
set-cookie: xf_csrf=eMl7ydUlDoF8AyJr; path=/; secure
xf_session=y_jGkVkLDd4te7K6bvTJ8EtMHWOFOOGW; path=/; secure; HttpOnly
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
priority: u=1,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pD9rmoO1zWU9WAhe41SrVlmGLyiOVZA2n3zGDlOPyw9nbH1PG9fpV2zB5OvHiHmkpP80F7D3jKHvYG9ytjTS0oKK7zRvJuTAlb7PnfLCNiyBAvphhi0qqHORHk%2FULLQcMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87603db77d0a56c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

duesirresponsible.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRSuDqMHPYjL3vYyCAu6yKS7Z9KTcQ9ijJHguFl3Fb2IVHVVT8pUd7VV3dOTOQUXZI8jiKAH6XyTbHBdRH%2BAi3QWRBaEjKcczNm7EPYoPQZHH3S%2F73vfa%2Fjee%2F3Zfn5GfOT0dP1tPZZK0eWVltt88QPPu97syyQfNUerwUdB53rTDF%2FpBS33peabItzRy77rua7nes0NaUSkR8u1CJk%2B6Hmtntvq%2BC1vpYOR%2BT%2B3uQNLHfDhGbkEyWeNR85lyLBCEv%2BwLuxOptOX34hzRTNtMORH7yU7iS4SxAsYGQdRcnTRDW1PNh5CJ4dzu9DDfxuZnBHnl4dgydGFSbDhwdwnUxAJGH8WxbCCUBUkrRDqO5D8hAAhx40tJPG9G9oUdPcfldbqjDTO%2F4IsZqTxx2Uk8fdrSo6at7XKM6kTi1FUQo4qyEGFND9GNl6CLI4RZp9C8t%2FI8nkfSXywZZWG5OV8dikryKiCEhNQ6yCvH%2BkgjxzkqYOYnzZDz%2FO6Lg%2Bpu9oLwzbvChZw16PdyKOeG6wiD2t7E2TpBKGaIDR7SM0eduTnJyuXYPKfYbdLWO7AZjPivLOHIS9RCILCEhSUoJAERUZQDMtDrqxvy3tc2Zx5F9m%2FyO1yqrPBPj3U2UAkBNRMYHi5n56R5%2BsVOc91rmJHnDa7bT%2BI2oHPOl7ks4Bx1l7tMt5zvQ4VvRUGK0tIuzSfeixn5Mr5J0jljDz1ZwpGj2HVMUJ5CTT3QIsSdLvEOLmfCRpr2xrtjsF1iTRrINt19tUZuTI%2FUV%2F%2BDhE%2BJheB0JRITYmP5SOCgbo7vaULcnBLF5b8uJVmMpZjWp%2FvdkYz8fT9t8RuoQ3fXLeTb18La6GGD94VNuvThMtkYMl3a5JzYTa0CQX5adO%2BL9jN3G6v5SbJ0%2F7N1zc249QIa6VOKlB5svUEYT3Ykxfm%2F%2BW1L7%2BBNBVMXiLOF06lrhCme7DpomY1gVELztIlFHk5NT5bFJUkUGLBKSth%2F8PZAk8Nrb%2Bmsty3dzEwDdDsDpK4xNCUGKoSVE1g82emWWoev%2FrrV3V8DaYaU6ZM44Apo76Ykf61pfmma%2BTULwIr65u3XRr0Vrxul4ou6%2FirUeBxSv1O4AcBbSOzs6j54dW%2FAQAA%2F%2F8BAAD%2F%2F5fQRmR7BAAA

192.243.59.12

200 OK

0 B

URL GET HTTP/1.1
duesirresponsible.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRSuDqMHPYjL3vYyCAu6yKS7Z9KTcQ9ijJHguFl3Fb2IVHVVT8pUd7VV3dOTOQUXZI8jiKAH6XyTbHBdRH%2BAi3QWRBaEjKcczNm7EPYoPQZHH3S%2F73vfa%2Fjee%2F3Zfn5GfOT0dP1tPZZK0eWVltt88QPPu97syyQfNUerwUdB53rTDF%2FpBS33peabItzRy77rua7nes0NaUSkR8u1CJk%2B6Hmtntvq%2BC1vpYOR%2BT%2B3uQNLHfDhGbkEyWeNR85lyLBCEv%2BwLuxOptOX34hzRTNtMORH7yU7iS4SxAsYGQdRcnTRDW1PNh5CJ4dzu9DDfxuZnBHnl4dgydGFSbDhwdwnUxAJGH8WxbCCUBUkrRDqO5D8hAAhx40tJPG9G9oUdPcfldbqjDTO%2F4IsZqTxx2Uk8fdrSo6at7XKM6kTi1FUQo4qyEGFND9GNl6CLI4RZp9C8t%2FI8nkfSXywZZWG5OV8dikryKiCEhNQ6yCvH%2BkgjxzkqYOYnzZDz%2FO6Lg%2Bpu9oLwzbvChZw16PdyKOeG6wiD2t7E2TpBKGaIDR7SM0eduTnJyuXYPKfYbdLWO7AZjPivLOHIS9RCILCEhSUoJAERUZQDMtDrqxvy3tc2Zx5F9m%2FyO1yqrPBPj3U2UAkBNRMYHi5n56R5%2BsVOc91rmJHnDa7bT%2BI2oHPOl7ks4Bx1l7tMt5zvQ4VvRUGK0tIuzSfeixn5Mr5J0jljDz1ZwpGj2HVMUJ5CTT3QIsSdLvEOLmfCRpr2xrtjsF1iTRrINt19tUZuTI%2FUV%2F%2BDhE%2BJheB0JRITYmP5SOCgbo7vaULcnBLF5b8uJVmMpZjWp%2FvdkYz8fT9t8RuoQ3fXLeTb18La6GGD94VNuvThMtkYMl3a5JzYTa0CQX5adO%2BL9jN3G6v5SbJ0%2F7N1zc249QIa6VOKlB5svUEYT3Ykxfm%2F%2BW1L7%2BBNBVMXiLOF06lrhCme7DpomY1gVELztIlFHk5NT5bFJUkUGLBKSth%2F8PZAk8Nrb%2Bmsty3dzEwDdDsDpK4xNCUGKoSVE1g82emWWoev%2FrrV3V8DaYaU6ZM44Apo76Ykf61pfmma%2BTULwIr65u3XRr0Vrxul4ou6%2FirUeBxSv1O4AcBbSOzs6j54dW%2FAQAA%2F%2F8BAAD%2F%2F5fQRmR7BAAA
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectduesirresponsible.com
Fingerprint40:76:4A:BB:57:E2:6D:45:F5:E5:95:D9:A2:CA:F8:85:D4:8E:6F:C1
ValidityTue, 16 Apr 2024 09:53:48 GMT - Mon, 15 Jul 2024 09:53:47 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQWskRRSuDqMHPYjL3vYyCAu6yKS7Z9KTcQ9ijJHguFl3Fb2IVHVVT8pUd7VV3dOTOQUXZI8jiKAH6XyTbHBdRH%2BAi3QWRBaEjKcczNm7EPYoPQZHH3S%2F73vfa%2Fjee%2F3Zfn5GfOT0dP1tPZZK0eWVltt88QPPu97syyQfNUerwUdB53rTDF%2FpBS33peabItzRy77rua7nes0NaUSkR8u1CJk%2B6Hmtntvq%2BC1vpYOR%2BT%2B3uQNLHfDhGbkEyWeNR85lyLBCEv%2BwLuxOptOX34hzRTNtMORH7yU7iS4SxAsYGQdRcnTRDW1PNh5CJ4dzu9DDfxuZnBHnl4dgydGFSbDhwdwnUxAJGH8WxbCCUBUkrRDqO5D8hAAhx40tJPG9G9oUdPcfldbqjDTO%2F4IsZqTxx2Uk8fdrSo6at7XKM6kTi1FUQo4qyEGFND9GNl6CLI4RZp9C8t%2FI8nkfSXywZZWG5OV8dikryKiCEhNQ6yCvH%2BkgjxzkqYOYnzZDz%2FO6Lg%2Bpu9oLwzbvChZw16PdyKOeG6wiD2t7E2TpBKGaIDR7SM0eduTnJyuXYPKfYbdLWO7AZjPivLOHIS9RCILCEhSUoJAERUZQDMtDrqxvy3tc2Zx5F9m%2FyO1yqrPBPj3U2UAkBNRMYHi5n56R5%2BsVOc91rmJHnDa7bT%2BI2oHPOl7ks4Bx1l7tMt5zvQ4VvRUGK0tIuzSfeixn5Mr5J0jljDz1ZwpGj2HVMUJ5CTT3QIsSdLvEOLmfCRpr2xrtjsF1iTRrINt19tUZuTI%2FUV%2F%2BDhE%2BJheB0JRITYmP5SOCgbo7vaULcnBLF5b8uJVmMpZjWp%2FvdkYz8fT9t8RuoQ3fXLeTb18La6GGD94VNuvThMtkYMl3a5JzYTa0CQX5adO%2BL9jN3G6v5SbJ0%2F7N1zc249QIa6VOKlB5svUEYT3Ykxfm%2F%2BW1L7%2BBNBVMXiLOF06lrhCme7DpomY1gVELztIlFHk5NT5bFJUkUGLBKSth%2F8PZAk8Nrb%2Bmsty3dzEwDdDsDpK4xNCUGKoSVE1g82emWWoev%2FrrV3V8DaYaU6ZM44Apo76Ykf61pfmma%2BTULwIr65u3XRr0Vrxul4ou6%2FirUeBxSv1O4AcBbSOzs6j54dW%2FAQAA%2F%2F8BAAD%2F%2F5fQRmR7BAAA HTTP/1.1
Host: duesirresponsible.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: u_pl=17773605; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec7326f362b41f2b6bdb387bd9014ae95b=[4991490,4991489,4991488]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 17 Apr 2024 23:37:10 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: db1f4a1eb94e622e219ebc871e57e160
Strict-Transport-Security: max-age=0; includeSubdomains

www.teamos.xyz/js/xf/core-compiled.js?_v=099e916e

172.67.143.25

200 OK

214 kB

URL GET HTTP/3
www.teamos.xyz/js/xf/core-compiled.js?_v=099e916e
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint2A:28:06:EF:27:A1:67:20:BB:CB:86:C9:17:82:90:97:C8:E6:AB:06
ValidityMon, 19 Feb 2024 10:31:47 GMT - Sun, 19 May 2024 10:31:46 GMT

File type
JavaScript source, ASCII text, with very long lines (16424)
Size
214 kB (213517 bytes)
Hash
d0ab265a4f68a45efc52408bd69a7f25
c57033113a290427c17a5cd1c94b1829aac06fed
abedeb2dbbfa0642370887c7fd082a1774f4e1f8129a4d9adba2908fe9e8b4d3

HTTP Headers

GET /js/xf/core-compiled.js?_v=099e916e HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=eMl7ydUlDoF8AyJr; xf_session=y_jGkVkLDd4te7K6bvTJ8EtMHWOFOOGW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:37:08 GMT
content-type: application/javascript
cache-control: max-age=31536000
cf-bgj: minify
cf-polished: origSize=213917
etag: W/"63926c70-3439d"
expires: Fri, 19 Apr 2024 08:41:06 GMT
last-modified: Thu, 08 Dec 2022 23:00:00 GMT
strict-transport-security: max-age=15768000
vary: Accept-Encoding
cf-cache-status: HIT
age: 12719
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rfIOGXbffWa%2F%2FEGRgMRnYwIaklmSnbG0UI3kGx8owKMvrnAtmWWqOZYVsOGYDPTDNmMRKV0e83isesu6%2F%2FdKjJX630V%2Fjdcw26wGPjO6ZgKV7wNvvWMhKuft%2B2fYfMnlOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87603dc188de56c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Open+Sans:400,700

142.250.74.74

200 OK

11 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,700
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (1572)
Size
11 kB (11194 bytes)
Hash
b69c29c8c917c014d6f4b79752d8ce0b
71a580b2e8792ba930815bcca3bda73e7715ca3f
5cccc465f4c8cdcec789a0b28846823f18646206351bc9ff794f1aec7f58f5b0

HTTP Headers

GET /css?family=Open+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 17 Apr 2024 23:37:07 GMT
date: Wed, 17 Apr 2024 23:37:07 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.teamos.xyz/css.php?css=public%3Acxf_top_navigation.less%2Cpublic%3Anode_list.less%2Cpublic%3Anotices.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Awidget_xentorrent_sidebar_tracker_stats.less%2Cpublic%3Aextra.less&s=8&l=1&d=1713088796&k=2b4c77b1bba55e2f6c2b40c9fe2cf79d1b72fe52

172.67.143.25

200 OK

86 kB

URL GET HTTP/3
www.teamos.xyz/css.php?css=public%3Acxf_top_navigation.less%2Cpublic%3Anode_list.less%2Cpublic%3Anotices.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Awidget_xentorrent_sidebar_tracker_stats.less%2Cpublic%3Aextra.less&s=8&l=1&d=1713088796&k=2b4c77b1bba55e2f6c2b40c9fe2cf79d1b72fe52
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint2A:28:06:EF:27:A1:67:20:BB:CB:86:C9:17:82:90:97:C8:E6:AB:06
ValidityMon, 19 Feb 2024 10:31:47 GMT - Sun, 19 May 2024 10:31:46 GMT

File type
ASCII text, with very long lines (49132)
Size
86 kB (85694 bytes)
Hash
394c418197beab6a31b3281f3342bfac
3af77160350ff52f8d36b47365a118279f412ccb
0573e5c09f0c4164784b44f27da20fe3a50fb04b98ab1fadd5348b82543d0194

HTTP Headers

GET /css.php?css=public%3Acxf_top_navigation.less%2Cpublic%3Anode_list.less%2Cpublic%3Anotices.less%2Cpublic%3Ashare_controls.less%2Cpublic%3Awidget_xentorrent_sidebar_tracker_stats.less%2Cpublic%3Aextra.less&s=8&l=1&d=1713088796&k=2b4c77b1bba55e2f6c2b40c9fe2cf79d1b72fe52 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=eMl7ydUlDoF8AyJr; xf_session=y_jGkVkLDd4te7K6bvTJ8EtMHWOFOOGW
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:37:07 GMT
content-type: text/css; charset=utf-8
x-frame-options: SAMEORIGIN
expires: Thu, 17 Apr 2025 23:37:07 GMT
last-modified: Sun, 14 Apr 2024 09:59:56 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ijoERjuUA4qqAAxXAOVXeWHLsVsmE4iwIRwXNxJzQ0sW3xad1KtBk8YbZD9AWXuthaRqbs9wQTBFBEvs%2FQHiaST72XLbkP1xZYCVdlelzG46loqPqvgy70Em5vr%2FP2iZ4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87603dbe5f9056c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

downstairsnegotiatebarren.com/sfp.js

188.114.97.1

200 OK

86 kB

URL GET HTTP/2
downstairsnegotiatebarren.com/sfp.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44
ValidityMon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT

File type

Size
86 kB (85611 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 23:37:09 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 09fd4da9e3c35be20f19d48137f9b818
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 17 Apr 2024 23:37:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RkMyVT75odpi9AgthhX8OZRVaEPtv9drQDPytQsImX6YbsPHRh4aQtTQb%2BR0dkMF8ClImdUcjX5b%2BTa6KjtBTu%2B%2FGiVPbpg6rKE8E0DhmSsMwiNJiWVJYyy%2FVjU78mTcC364YGtTwFFejF2utdVq5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87603dc74a75712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.teamos.xyz/favicon.ico

172.67.143.25

200 OK

180 kB

URL GET HTTP/3
www.teamos.xyz/favicon.ico
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint2A:28:06:EF:27:A1:67:20:BB:CB:86:C9:17:82:90:97:C8:E6:AB:06
ValidityMon, 19 Feb 2024 10:31:47 GMT - Sun, 19 May 2024 10:31:46 GMT

File type
MS Windows icon resource - 9 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel
Size
180 kB (180396 bytes)
Hash
6d9396dc55f2e528b53aa081b562f91f
aba25e72d54c60252f233a4bcf2c5773a11e6359
f2678bc111d1e4768f668ea1d1d8bc086371b13f66688831fb7e5706f7d29638

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=eMl7ydUlDoF8AyJr; xf_session=y_jGkVkLDd4te7K6bvTJ8EtMHWOFOOGW; dom3ic8zudi28v8lr6fgphwffqoz0j6c=1c582808-6c3f-4fb5-9893-3e3a5d4f48e6%3A1%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:37:09 GMT
content-type: image/x-icon
last-modified: Sun, 05 May 2019 15:07:05 GMT
vary: Accept-Encoding
etag: W/"5ccefc19-2c0ac"
expires: Mon, 22 Apr 2024 02:40:16 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 2129083
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GghAMtejWkNHWGq%2FaYBpe58YfnPdlsMBiI3XX92zxsWf4ra9QqL52DF2YoG61zKi8uZnrWMNoJOmGszRl%2FR8HhmHcC%2FZEH4jlz4fmlv14qSFtQupB31%2FcE4DH0QdhytyHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87603dcafd4656c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.teamos.xyz/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=8&l=1&d=1713088796&k=034405c740f279c15adbbc41dfccb627ca90db04

172.67.143.25

200 OK

397 kB

URL GET HTTP/3
www.teamos.xyz/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=8&l=1&d=1713088796&k=034405c740f279c15adbbc41dfccb627ca90db04
IP
172.67.143.25:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.teamos.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectteamos.xyz
Fingerprint2A:28:06:EF:27:A1:67:20:BB:CB:86:C9:17:82:90:97:C8:E6:AB:06
ValidityMon, 19 Feb 2024 10:31:47 GMT - Sun, 19 May 2024 10:31:46 GMT

File type
ASCII text, with very long lines (63233)
Size
397 kB (396762 bytes)
Hash
ca8b60ddaf8efe6e6e2c8238947a2a20
7efd8f6ce98cf1dbe6f55729d7be5eea309846a4
86d0e326cd98c5c555669c9d8621176c085ca0646bb10479a4a8e1e8244b96e5

HTTP Headers

GET /css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=8&l=1&d=1713088796&k=034405c740f279c15adbbc41dfccb627ca90db04 HTTP/1.1
Host: www.teamos.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.teamos.xyz/
Cookie: xf_csrf=eMl7ydUlDoF8AyJr; xf_session=y_jGkVkLDd4te7K6bvTJ8EtMHWOFOOGW
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 17 Apr 2024 23:37:07 GMT
content-type: text/css; charset=utf-8
x-frame-options: SAMEORIGIN
expires: Thu, 17 Apr 2025 23:37:07 GMT
last-modified: Sun, 14 Apr 2024 09:59:56 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hGzDuhkqPRfXZSkAj%2BqHUpbSopaEuIpaZfWQb7%2BnoSdVbQr8wFeBB%2FDa3kmPlWhB7s8aKqMIgX3iUh2P8aeylDiuC4%2BD6dDiPDhY8hji2oXaSt0jKhwNtIUi14UqW57yZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87603dbe5f8d56c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (26)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations