| tmpfiles.org/css/style.css | 104.21.21.16 | 200 OK | 3.5 kB |
URL: GET HTTP/3 tmpfiles.org/css/style.css
IP: 104.21.21.16:443
Requested by: https://tmpfiles.org/5673073/hoplitepack.zip
Certificate: Issuer: Let's Encrypt; Subject: tmpfiles.org; Fingerprint: E0:4F:08:69:83:B8:6E:53:52:25:B2:01:05:CA:CA:AA:17:BE:FE:42; Validity: Sat, 30 Mar 2024 08:25:37 GMT - Fri, 28 Jun 2024 08:25:36 GMT
File type: ASCII text, with very long lines (3316)
Hash: bc9b314c6f410e9d7cf926497c38adc4 786293f4e1d176c4d677a44f64da927f4d88be58 2d992cfc4628036a0a2b2437988139c00e40b5f457d3d4f093374ef603117051
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/style.css HTTP/1.1
Host: tmpfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tmpfiles.org/5673073/hoplitepack.zip
Cookie: XSRF-TOKEN=eyJpdiI6IktsdVh1NzYxOStOT25ZLzFPVU13WlE9PSIsInZhbHVlIjoiSHljY2pMdEhTS3BnS2lMNjhCSkdSNTBzc2JkdFl2TDBiR2hBWGVSV2toM1JmQmJPanVYWlpxeW5WNUZiWUxoaUhNMVp4TWFsZklwYzVtUDVRbWEzbXBtcWg4cTY5M3duV1lMenFVWkpGZXhDbFVkY3FvUTk1bjFHUUI3c3RPY3MiLCJtYWMiOiI5MGFmMmNjMDFjODczNjZjMjE4YzEwMTQ3OTJkZWE1ZDI2MjQ3NDE0Yzc1NTczNGM0ZmJjYTExMTYzMGJiOWRjIn0%3D; tmpfiles_session=eyJpdiI6Im1VYVdBL2UyZUR5TVM3MXRkaGdOMkE9PSIsInZhbHVlIjoiMHQ2MUNiaE14Tzd6TUJZZGdUWERaNmxVUXpGaUtHdWM2SERzWEFRYnM4TkhFTFJCMUxqblAwZTVTYkdrbUpINTJWLzJ6UXl0Mi9MRkxZR3NHUkowbjJWeUNPSFRmajZjdVk5MzdQVHpiVDE4RDg2UEsrZ2ZZTmVJVHRIK0JGUk8iLCJtYWMiOiIzMzFhNGNkMTMwNWUxNGMyOWM5Y2VhNDI4MzkzZWQxNTRhNjgwYjViMzU4OThiYWQxNzExMmNjYTg0ZTA1NTMxIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 18:52:07 GMT
content-type: text/css
last-modified: Fri, 12 Mar 2021 21:13:21 GMT
etag: W/"604bd971-cf5"
cache-control: max-age=14400
cf-cache-status: HIT
age: 7103
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pnHml5WkZ4a2tnzLPs%2FZL3IxUrtdFqgKaQU0Z4Aol6Udhx9zphuSBCzNrZ9eldVkL%2FtKkufcyfPXsBz9Sbq8%2FwH71qARYlyCbAX2V7dZNZQ1iFAofg5jELvRXr4Uf7A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880ba5215d25b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| www.googletagmanager.com/gtag/js?id=UA-66112161-2 | 142.250.74.136 | 200 OK | 75 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-66112161-2
IP: 142.250.74.136:443
Requested by: https://tmpfiles.org/5673073/hoplitepack.zip
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4179)
Hash: a34e7103d699934ee4ae2b14ed771da0 05c0e65d20789b59cbc6fab6b3d90be4a83e4dc9 32be1a8d22c9e6548fb2afcd70c13f10f6ee9aa3210a5cbe003400d26151ce16
GET /gtag/js?id=UA-66112161-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tmpfiles.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 18:52:07 GMT
expires: Wed, 08 May 2024 18:52:07 GMT
cache-control: private, max-age=900
last-modified: Wed, 08 May 2024 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74752
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| www.googletagmanager.com/gtag/js?id=G-0H0LNCD6F9&l=dataLayer&cx=c | 142.250.74.136 | 200 OK | 90 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-0H0LNCD6F9&l=dataLayer&cx=c
IP: 142.250.74.136:443
Requested by: https://tmpfiles.org/5673073/hoplitepack.zip
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE; Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955)
Hash: dcc75340e25a0336a8a2ac3bf1a1b6bb 821f479c24d9bbf234df5090cd7a874f3a4ada69 a9c0d25d4da1f2ddff76d73dd798600eeebac4e7405e8365506be998f2a06ee4
GET /gtag/js?id=G-0H0LNCD6F9&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tmpfiles.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 18:52:07 GMT
expires: Wed, 08 May 2024 18:52:07 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89929
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
| tmpfiles.org/font/FiraSans-Light.ttf | 104.21.21.16 | 404 Not Found | 9.4 kB |
URL: GET HTTP/3 tmpfiles.org/font/FiraSans-Light.ttf
IP: 104.21.21.16:443
Requested by: https://tmpfiles.org/5673073/hoplitepack.zip
Certificate: Issuer: Let's Encrypt; Subject: tmpfiles.org; Fingerprint: E0:4F:08:69:83:B8:6E:53:52:25:B2:01:05:CA:CA:AA:17:BE:FE:42; Validity: Sat, 30 Mar 2024 08:25:37 GMT - Fri, 28 Jun 2024 08:25:36 GMT
File type: HTML document, ASCII text, with very long lines (5395)
Hash: 307dca9c775906b8de45869cabe98fcd 2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /font/FiraSans-Light.ttf HTTP/1.1
Host: tmpfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tmpfiles.org/css/style.css
Cookie: XSRF-TOKEN=eyJpdiI6IktsdVh1NzYxOStOT25ZLzFPVU13WlE9PSIsInZhbHVlIjoiSHljY2pMdEhTS3BnS2lMNjhCSkdSNTBzc2JkdFl2TDBiR2hBWGVSV2toM1JmQmJPanVYWlpxeW5WNUZiWUxoaUhNMVp4TWFsZklwYzVtUDVRbWEzbXBtcWg4cTY5M3duV1lMenFVWkpGZXhDbFVkY3FvUTk1bjFHUUI3c3RPY3MiLCJtYWMiOiI5MGFmMmNjMDFjODczNjZjMjE4YzEwMTQ3OTJkZWE1ZDI2MjQ3NDE0Yzc1NTczNGM0ZmJjYTExMTYzMGJiOWRjIn0%3D; tmpfiles_session=eyJpdiI6Im1VYVdBL2UyZUR5TVM3MXRkaGdOMkE9PSIsInZhbHVlIjoiMHQ2MUNiaE14Tzd6TUJZZGdUWERaNmxVUXpGaUtHdWM2SERzWEFRYnM4TkhFTFJCMUxqblAwZTVTYkdrbUpINTJWLzJ6UXl0Mi9MRkxZR3NHUkowbjJWeUNPSFRmajZjdVk5MzdQVHpiVDE4RDg2UEsrZ2ZZTmVJVHRIK0JGUk8iLCJtYWMiOiIzMzFhNGNkMTMwNWUxNGMyOWM5Y2VhNDI4MzkzZWQxNTRhNjgwYjViMzU4OThiYWQxNzExMmNjYTg0ZTA1NTMxIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Wed, 08 May 2024 18:52:07 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: BYPASS
set-cookie: XSRF-TOKEN=eyJpdiI6Ii9CYm5sbDBwcWhSYUVNbHlrMTQycVE9PSIsInZhbHVlIjoiSzZkMThLK1NQb3Yrb3J0MFNMR1pGbmRGL2VHRlZuVmFpT2ZQVDh2M3JUazV1TFlTaXBiem9xZGNVUzBrT2p4MDltTjh3ODhTdUdCMFdSZCtBQUdrOUY5OHNkMW16QnltTE9rb2tJNUtJOUQvdGFnOVpJajc0MFRXRlJobUl6VmwiLCJtYWMiOiIyM2QyMDhlNWVlMDAwMDE2MjJhNzAyZWFiYTBlYTAyNTg2ZDA3MzBmZDRiMjVkM2U3MjIwNGRkOWU5NTA1NDI5In0%3D; expires=Wed, 08-May-2024 20:52:07 GMT; Max-Age=7200; path=/; samesite=lax
tmpfiles_session=eyJpdiI6IlpYNTNGaXh2OGpsaFRLcitkSVpJV0E9PSIsInZhbHVlIjoiR0h3SWlzTXZMOXlVQXZLNnc1R1Y1RFBZdFpURS84alRKekNyNEJhbGtNaEp1bXUvOWUzMWxKcDRmMFphQnA5d3hndXNqRm5jTzl5Y2lGUHh1a0pPNkFkaGtMdXAvdnNBZzdwVkgxUDB4QVRkRFdOV3ZlOWJoNU02aUh3d1c3NDkiLCJtYWMiOiIyZjE2ZWUxYzlhMTExYmQwZTM0YzMxM2M0ZDQwNmJhZWRjYmFmNDQ5ZWZhZTYxYTE0NjA0OTc0MGIxMGE4ZmE2In0%3D; expires=Wed, 08-May-2024 20:52:07 GMT; Max-Age=7200; path=/; httponly; samesite=lax
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=snxmxD5JCwRoFyJDBQmT7QyAb9eRpJvMLlm6ttkPfNnztIgerviWQuw1LmDKFgpOThI7kk%2B6mHabhCpXZ%2FN2lY6QCfML2Ygty9Aq81tpu8%2FSwlI2B9fhQG4UhsTS34o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880ba522afcbb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| tmpfiles.org/font/FiraSans-Regular.ttf | 104.21.21.16 | 404 Not Found | 13 kB |
URL: GET HTTP/3 tmpfiles.org/font/FiraSans-Regular.ttf
IP: 104.21.21.16:443
Requested by: https://tmpfiles.org/5673073/hoplitepack.zip
Certificate: Issuer: Let's Encrypt; Subject: tmpfiles.org; Fingerprint: E0:4F:08:69:83:B8:6E:53:52:25:B2:01:05:CA:CA:AA:17:BE:FE:42; Validity: Sat, 30 Mar 2024 08:25:37 GMT - Fri, 28 Jun 2024 08:25:36 GMT
File type: HTML document, ASCII text, with very long lines (5395)
Hash: 307dca9c775906b8de45869cabe98fcd 2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /font/FiraSans-Regular.ttf HTTP/1.1
Host: tmpfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tmpfiles.org/css/style.css
Cookie: XSRF-TOKEN=eyJpdiI6IktsdVh1NzYxOStOT25ZLzFPVU13WlE9PSIsInZhbHVlIjoiSHljY2pMdEhTS3BnS2lMNjhCSkdSNTBzc2JkdFl2TDBiR2hBWGVSV2toM1JmQmJPanVYWlpxeW5WNUZiWUxoaUhNMVp4TWFsZklwYzVtUDVRbWEzbXBtcWg4cTY5M3duV1lMenFVWkpGZXhDbFVkY3FvUTk1bjFHUUI3c3RPY3MiLCJtYWMiOiI5MGFmMmNjMDFjODczNjZjMjE4YzEwMTQ3OTJkZWE1ZDI2MjQ3NDE0Yzc1NTczNGM0ZmJjYTExMTYzMGJiOWRjIn0%3D; tmpfiles_session=eyJpdiI6Im1VYVdBL2UyZUR5TVM3MXRkaGdOMkE9PSIsInZhbHVlIjoiMHQ2MUNiaE14Tzd6TUJZZGdUWERaNmxVUXpGaUtHdWM2SERzWEFRYnM4TkhFTFJCMUxqblAwZTVTYkdrbUpINTJWLzJ6UXl0Mi9MRkxZR3NHUkowbjJWeUNPSFRmajZjdVk5MzdQVHpiVDE4RDg2UEsrZ2ZZTmVJVHRIK0JGUk8iLCJtYWMiOiIzMzFhNGNkMTMwNWUxNGMyOWM5Y2VhNDI4MzkzZWQxNTRhNjgwYjViMzU4OThiYWQxNzExMmNjYTg0ZTA1NTMxIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Wed, 08 May 2024 18:52:07 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: BYPASS
set-cookie: XSRF-TOKEN=eyJpdiI6IjFUVnBMeU04VU4xNEl0TGM3Y3Qvb1E9PSIsInZhbHVlIjoiVERBL0thclNiMS9HVVFoWGh4blVKdVpNQWhkbU1heVJucUVGaHkwTFljaENMakVSNzJ1ZVhRZ2YyYkJyWFZld1pPczdtUDBFWEcrYk1sQkZ5QWpJUXdabi9zbVdXdTJHSDdvTkxCNVpCdlRsK1FzZXpaeUp1dkpaWTFVVTdKRTEiLCJtYWMiOiJjODA5ZTNmOGI5ODlkMGM0YTU2MWExZTI0NDNlNjVlZTlmMjQwZTNhNzhlMTVmYzlhODI4NzZiZWYyZTgyOTU3In0%3D; expires=Wed, 08-May-2024 20:52:07 GMT; Max-Age=7200; path=/; samesite=lax
tmpfiles_session=eyJpdiI6IllGejYvR1UyVnpSZmNMYkFTU0NTSGc9PSIsInZhbHVlIjoiaWZBYjZWUExFQ1ZPQWR4OXFEZExJR0NBVklESFN0M3lrMm92L2MwbHhydzFPcElBQmNXRGFVUzl6VmE4d0o2ZXljdGEySDZURmRoVHNBZ2wrOTUyOXFFZXRJZncrSEIzTDBiVnBuZCtibVBzaXpQb1RncTNwQXd3Q0hsKzZDTVMiLCJtYWMiOiIzNzFjN2VmMzE2NzZiNzdlOTc3MzM0YzY3ZGEyNDUzYjU1YjJlNGE2MDIzZTdiZjcwZWJlZGRkM2E4MTA0OGIyIn0%3D; expires=Wed, 08-May-2024 20:52:07 GMT; Max-Age=7200; path=/; httponly; samesite=lax
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bzk6ZbuRrjmLj02Awylsyb1HO8C0pGvA1Avn4fgk0tkw4OrvkqPJ4dmO0lHQDt5Zd7LKAIzKQnOo84BOW9wgyhg0RzLML5SwRLoJ1BR65qAGJnTli4IL28jpuXOhOyQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880ba522afd1b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| tmpfiles.org/5673073/hoplitepack.zip | 104.21.21.16 | 200 OK | 2.1 kB |
URL: User Request GET HTTP/2 tmpfiles.org/5673073/hoplitepack.zip
IP: 104.21.21.16:443
Certificate: Issuer: Let's Encrypt; Subject: tmpfiles.org; Fingerprint: E0:4F:08:69:83:B8:6E:53:52:25:B2:01:05:CA:CA:AA:17:BE:FE:42; Validity: Sat, 30 Mar 2024 08:25:37 GMT - Fri, 28 Jun 2024 08:25:36 GMT
File type: HTML document, ASCII text, with very long lines (2207), with no line terminators
Hash: 183eb6a5c5e8f27cebce880affaf9f91 e4d4994b405a950e4d6e1ab8ffd0d2f166cba0a0 3cc2a9b6dfc271662fd37cfb57b36664cd0ad07a2d6bf0ea50ca3cdd5bc635ee
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /5673073/hoplitepack.zip HTTP/1.1
Host: tmpfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 18:52:07 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: BYPASS
set-cookie: XSRF-TOKEN=eyJpdiI6IktsdVh1NzYxOStOT25ZLzFPVU13WlE9PSIsInZhbHVlIjoiSHljY2pMdEhTS3BnS2lMNjhCSkdSNTBzc2JkdFl2TDBiR2hBWGVSV2toM1JmQmJPanVYWlpxeW5WNUZiWUxoaUhNMVp4TWFsZklwYzVtUDVRbWEzbXBtcWg4cTY5M3duV1lMenFVWkpGZXhDbFVkY3FvUTk1bjFHUUI3c3RPY3MiLCJtYWMiOiI5MGFmMmNjMDFjODczNjZjMjE4YzEwMTQ3OTJkZWE1ZDI2MjQ3NDE0Yzc1NTczNGM0ZmJjYTExMTYzMGJiOWRjIn0%3D; expires=Wed, 08-May-2024 20:52:06 GMT; Max-Age=7200; path=/; samesite=lax
tmpfiles_session=eyJpdiI6Im1VYVdBL2UyZUR5TVM3MXRkaGdOMkE9PSIsInZhbHVlIjoiMHQ2MUNiaE14Tzd6TUJZZGdUWERaNmxVUXpGaUtHdWM2SERzWEFRYnM4TkhFTFJCMUxqblAwZTVTYkdrbUpINTJWLzJ6UXl0Mi9MRkxZR3NHUkowbjJWeUNPSFRmajZjdVk5MzdQVHpiVDE4RDg2UEsrZ2ZZTmVJVHRIK0JGUk8iLCJtYWMiOiIzMzFhNGNkMTMwNWUxNGMyOWM5Y2VhNDI4MzkzZWQxNTRhNjgwYjViMzU4OThiYWQxNzExMmNjYTg0ZTA1NTMxIn0%3D; expires=Wed, 08-May-2024 20:52:06 GMT; Max-Age=7200; path=/; httponly; samesite=lax
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7HthLe%2FPDHHxwmaMLA8ybnnEOcPQk4yO30QiewwX2%2FtImFo02TvtoOiw5laedJjBzzT%2B7I75Q8sqrldAEcdtJO7r36wpJJuZuFt93L3u%2FEP61iiX86OMEqrJlAMMK6U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880ba51d8fa156bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| tmpfiles.org/favicon.ico | 104.21.21.16 | 200 OK | 1.2 kB |
IP: 104.21.21.16:443
Requested by: https://tmpfiles.org/5673073/hoplitepack.zip
Certificate: Issuer: Let's Encrypt; Subject: tmpfiles.org; Fingerprint: E0:4F:08:69:83:B8:6E:53:52:25:B2:01:05:CA:CA:AA:17:BE:FE:42; Validity: Sat, 30 Mar 2024 08:25:37 GMT - Fri, 28 Jun 2024 08:25:36 GMT
File type: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash: 641276e2d4d0995c8262223f1fdda3d2 4f3f8f324f842e21d6921fffef2be2370cba9c49 5c039a5032f66daf0ad7ccaf04589686dfcc0b580113c1c6a9cff06ed4ce676d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: tmpfiles.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tmpfiles.org/5673073/hoplitepack.zip
Cookie: XSRF-TOKEN=eyJpdiI6IktsdVh1NzYxOStOT25ZLzFPVU13WlE9PSIsInZhbHVlIjoiSHljY2pMdEhTS3BnS2lMNjhCSkdSNTBzc2JkdFl2TDBiR2hBWGVSV2toM1JmQmJPanVYWlpxeW5WNUZiWUxoaUhNMVp4TWFsZklwYzVtUDVRbWEzbXBtcWg4cTY5M3duV1lMenFVWkpGZXhDbFVkY3FvUTk1bjFHUUI3c3RPY3MiLCJtYWMiOiI5MGFmMmNjMDFjODczNjZjMjE4YzEwMTQ3OTJkZWE1ZDI2MjQ3NDE0Yzc1NTczNGM0ZmJjYTExMTYzMGJiOWRjIn0%3D; tmpfiles_session=eyJpdiI6Im1VYVdBL2UyZUR5TVM3MXRkaGdOMkE9PSIsInZhbHVlIjoiMHQ2MUNiaE14Tzd6TUJZZGdUWERaNmxVUXpGaUtHdWM2SERzWEFRYnM4TkhFTFJCMUxqblAwZTVTYkdrbUpINTJWLzJ6UXl0Mi9MRkxZR3NHUkowbjJWeUNPSFRmajZjdVk5MzdQVHpiVDE4RDg2UEsrZ2ZZTmVJVHRIK0JGUk8iLCJtYWMiOiIzMzFhNGNkMTMwNWUxNGMyOWM5Y2VhNDI4MzkzZWQxNTRhNjgwYjViMzU4OThiYWQxNzExMmNjYTg0ZTA1NTMxIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 18:52:07 GMT
content-type: image/x-icon
last-modified: Fri, 10 Feb 2017 21:01:32 GMT
etag: W/"589e2a2c-47e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4712
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LajHFKbyEaMLrJMwPqQ3YRUtbBeVKtqXA5AZnTmZCIAVtjQZg8cNT50Kcm0TNcSMix1L7PwajxrSlmiLkDZKuWboml9bWFDMo7uQ6msflGoX9txPeLmyqRrJ1LpVQG0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880ba524bbf2b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700 | 142.250.74.170 | 200 OK | 5.0 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700
IP: 142.250.74.170:443
Requested by: https://tmpfiles.org/5673073/hoplitepack.zip
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (5068), with no line terminators
Hash: ec4bca611842cd13cfd6feba64afaacf 064d0e71b5457d449fcf378faf17430329cf603f dceeab8e3e31991c6ddb86d0a56d3b2e70862b7de5e576176f09035f9329415e
GET /css?family=Open+Sans+Condensed:300,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tmpfiles.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 18:52:07 GMT
date: Wed, 08 May 2024 18:52:07 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2