teamtnt.red - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 45.9.148.108, located in Netherlands and belongs to NICEIT, DM. The main domain is teamtnt.red.
TLS certificate: Issued by R3 on January 6th 2021. Valid for: 3 months.

This is the only time teamtnt.red was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	45.9.148.108 45.9.148.108	49447 (NICEIT) (NICEIT)
1 2	88.99.66.31 88.99.66.31	24940 (HETZNER-AS) (HETZNER-AS)
6	2

5 45.9.148.108 (Netherlands)

ASN49447 (NICEIT, DM)
PTR: mx1.dendrite.network

teamtnt.red	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.66.31 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: iplogger.com

iplogger.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	teamtnt.red teamtnt.red	306 KB
2	iplogger.org 1 redirects iplogger.org	968 B
6	2

	Domain	Requested by
5	teamtnt.red	teamtnt.red
2	iplogger.org	1 redirects teamtnt.red
6	2

This site contains no links.

Subject Issuer	Validity	Valid
teamtnt.red R3	`2021-01-06` - `2021-04-06`	3 months	crt.sh
*.iplogger.org Sectigo RSA Domain Validation Secure Server CA	`2020-11-20` - `2021-11-20`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://teamtnt.red/research_like_little_girls/thats_you.php
Frame ID: 7DB8812D8F1AC19EDE4F22E395CBDD4A
Requests: 4 HTTP requests in this frame

Frame: https://teamtnt.red/research_like_little_girls/access.php
Frame ID: 7F23CFB9888A3CD8D9B8DB8BEA9A878A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://teamtnt.red/DBs.php Page URL
https://teamtnt.red/research_like_little_girls/thats_you.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

6
Requests

83 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

306 kB
Transfer

305 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://teamtnt.red/DBs.php Page URL
https://teamtnt.red/research_like_little_girls/thats_you.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://iplogger.org/3aKf34.gif HTTP 301
https://teamtnt.red/research_like_little_girls/img/xxo.gif

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 404
Not Found DBs.php Show response
teamtnt.red/ 628 B
634 B 81ms
62ms Document
text/html 45.9.148.108
NICEIT

General

Check archive.org

Show headers Download Go to

Full URL: http://teamtnt.red/DBs.php
Protocol: HTTP/1.1
Server: 45.9.148.108 , Netherlands, ASN49447 (NICEIT, DM),
Reverse DNS: mx1.dendrite.network
Software: nginx /
Resource Hash: 3210b82f69af0f5cffc7fb5ab720b60b1055831cc2647d732e7be4b268498031

Request headers

Host: teamtnt.red
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Sat, 23 Jan 2021 02:40:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5f7c1112-274"
Content-Encoding: gzip

GET
H2

200

xxo.gif
teamtnt.red/research_like_little_girls/img/
Redirect Chain

https://iplogger.org/3aKf34.gif
https://teamtnt.red/research_like_little_girls/img/xxo.gif

110 KB
110 KB

135ms
40ms

Image
image/gif

45.9.148.108
NICEIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://teamtnt.red/research_like_little_girls/img/xxo.gif
Requested by: Host: teamtnt.red
URL: http://teamtnt.red/DBs.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.9.148.108 , Netherlands, ASN49447 (NICEIT, DM),
Reverse DNS: mx1.dendrite.network
Software: nginx /
Resource Hash: 659225fb95f5db9763dd0eab89c0f034af3856c9aa88ac0957e94d1bf2043423

Request headers

Referer: http://teamtnt.red/DBs.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 02:40:20 GMT
last-modified: Tue, 06 Oct 2020 04:10:01 GMT
server: nginx
accept-ranges: bytes
etag: "5f7bee19-1b817"
content-length: 112663
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 23 Jan 2021 02:40:38 GMT
server: nginx
x-frame-options: DENY
content-type: text/html; charset=UTF-8
location: https://teamtnt.red/research_like_little_girls/img/xxo.gif
cache-control: no-cache
strict-transport-security: max-age=31536000; preload
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 12j3i7.jpg
iplogger.org/ 116 B
548 B 111ms
39ms Image
image/png 88.99.66.31
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://iplogger.org/12j3i7.jpg

Requested by

Host: teamtnt.red
URL: http://teamtnt.red/DBs.php

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.99.66.31 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

iplogger.com

Software

nginx /

Resource Hash

b02fffaba9e664ff7840c82b102d6851ec0bb148cec462cef40999545309e599

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Frame-Options	DENY

Request headers

Referer: http://teamtnt.red/DBs.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 23 Jan 2021 02:40:38 GMT
server: nginx
x-frame-options: DENY
answers
cache-control: no-cache
strict-transport-security: max-age=31536000; preload
content-type: image/png
whoami: 9b229892ec72a4bab68ad3b44af7d3e97307739a695224213a3b5812f1864f2b
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 Primary Request thats_you.php Show response
teamtnt.red/research_like_little_girls/ 540 B
488 B 377ms
376ms Document
text/html 45.9.148.108
NICEIT

General

Check archive.org

Show headers Download Go to

Full URL: https://teamtnt.red/research_like_little_girls/thats_you.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.9.148.108 , Netherlands, ASN49447 (NICEIT, DM),
Reverse DNS: mx1.dendrite.network
Software: nginx /
Resource Hash: 66649b45f0d0b2b71f3a18608b13f256d49e6d97f574127eb2e3f4a0b565bfae

Request headers

:method: GET
:authority: teamtnt.red
:scheme: https
:path: /research_like_little_girls/thats_you.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://teamtnt.red/DBs.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://teamtnt.red/DBs.php

Response headers

server: nginx
date: Sat, 23 Jan 2021 02:40:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip

GET
H2 200 access.php Show response
teamtnt.red/research_like_little_girls/ Frame 7F23 250 B
291 B 59ms
58ms Document
text/html 45.9.148.108
NICEIT

General

Check archive.org

Show headers Download Go to

Full URL: https://teamtnt.red/research_like_little_girls/access.php
Requested by: Host: teamtnt.red
URL: https://teamtnt.red/research_like_little_girls/thats_you.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.9.148.108 , Netherlands, ASN49447 (NICEIT, DM),
Reverse DNS: mx1.dendrite.network
Software: nginx /
Resource Hash: b6942880e0f9841cdf8bc724eb60c3e297085a255e08edfad3e087f1dd30fc80

Request headers

:method: GET
:authority: teamtnt.red
:scheme: https
:path: /research_like_little_girls/access.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://teamtnt.red/research_like_little_girls/thats_you.php
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://teamtnt.red/research_like_little_girls/thats_you.php

Response headers

server: nginx
date: Sat, 23 Jan 2021 02:40:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip

GET
H2 206 access.mp4
teamtnt.red/research_like_little_girls/img/ Frame 7F23 194 KB
194 KB 434ms
434ms Media
video/mp4 45.9.148.108
NICEIT

General

Check archive.org

Show headers Download Go to

Full URL: https://teamtnt.red/research_like_little_girls/img/access.mp4
Requested by: Host: teamtnt.red
URL: https://teamtnt.red/research_like_little_girls/access.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.9.148.108 , Netherlands, ASN49447 (NICEIT, DM),
Reverse DNS: mx1.dendrite.network
Software: nginx /
Resource Hash: 91a461c2fc27a66421f490bab028069c619d745b6ce3d88f075a8d6c84d1f032

Request headers

Referer: https://teamtnt.red/research_like_little_girls/access.php
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-198542/198543
date: Sat, 23 Jan 2021 02:40:31 GMT
last-modified: Tue, 06 Oct 2020 04:10:03 GMT
server: nginx
etag: "5f7bee1b-3078f"
Content-Length: 198543
content-type: video/mp4

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

iplogger.org
teamtnt.red
45.9.148.108
88.99.66.31
3210b82f69af0f5cffc7fb5ab720b60b1055831cc2647d732e7be4b268498031
659225fb95f5db9763dd0eab89c0f034af3856c9aa88ac0957e94d1bf2043423
66649b45f0d0b2b71f3a18608b13f256d49e6d97f574127eb2e3f4a0b565bfae
91a461c2fc27a66421f490bab028069c619d745b6ce3d88f075a8d6c84d1f032
b02fffaba9e664ff7840c82b102d6851ec0bb148cec462cef40999545309e599
b6942880e0f9841cdf8bc724eb60c3e297085a255e08edfad3e087f1dd30fc80

teamtnt.red Open in urlscan Pro 45.9.148.108 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

6 Requests

83 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

306 kBTransfer

305 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

0 Cookies

Indicators

teamtnt.red Open in urlscan Pro
45.9.148.108 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

83 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

306 kB
Transfer

305 kB
Size

0
Cookies

6 HTTP transactions
0 data transactions