Report - go.greenlinknow.com/t/clk?id=bLH31X1s9QIYZjSQ&s1=663e7fadd3556e000162c2e1&s2=154527659609a3189c0518324ac14aea2&rl=gJNzIA96foPL&redirect-from=0MHezmzuL7cMALfZ&rcode=R02&rseq=R02,R02,R02

Report Overview

Submitted URL
go.greenlinknow.com/t/clk?id=bLH31X1s9QIYZjSQ&s1=663e7fadd3556e000162c2e1&s2=154527659609a3189c0518324ac14aea2&rl=gJNzIA96foPL&redirect-from=0MHezmzuL7cMALfZ&rcode=R02&rseq=R02,R02,R02
IP
34.233.9.147
ASN
#14618 AMAZON-AES
Submitted
2024-05-10 20:13:36
Access
public
Website Title
Watch your favorite movies and TV shows!
Final URL
flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
108

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-10	444 B	1.8 kB	142.250.74.106
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-05-09	338 B	942 B	143.204.53.97
go.greenlinknow.com	unknown	2021-03-08	2021-06-13	2023-12-09	1.4 kB	1.5 kB	34.199.31.32
secureanalytic.com	13422	2019-05-02	2015-12-31	2024-05-04	447 B	4.0 kB	188.114.97.1
event.secureanalytic.com	30491	2019-05-02	2021-07-14	2024-05-08	1.1 kB	3.2 kB	188.114.96.1
flaredownload.com	unknown	2024-01-18	2024-01-19	2024-04-18	50 kB	2.7 MB	104.21.19.111

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed
2024-05-10	medium	flaredownload.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (20)

	URL	Size	First Seen	Last Seen
	flaredownload.com/assets/hl-f7944c84.js	2.8 kB	2024-05-10	2024-05-13
Pretty URL flaredownload.com/assets/hl-f7944c84.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 17:27:22 Last Seen2024-05-13 21:55:47 Times Seen17 Hash c428a19a519252bea69e5d7b29f29744 8d569a034ba888f0777f56bbcb9a4a55a175ef5a b02183466ab944a183c2e3626fa5c9b6c00ae99b63102bfb44a4ee16ff39cdd9 Loading...

	flaredownload.com/assets/hl-f93eab01.js	5.1 kB	2024-05-10	2024-05-13
Pretty URL flaredownload.com/assets/hl-f93eab01.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 17:27:22 Last Seen2024-05-13 21:55:48 Times Seen17 Hash 6231c63cb8b0257002d154b9877e2d4b 30b3954ea08fe921524144f9dff1fe4985661dee fda9ca21093756071a66de80bd31aa98aad5d5fec6f7fc4ce875bf930ca2e9ce Loading...

	secureanalytic.com/scripts/push/script/02eyoyxdkz?url=flaredownload.com	8.1 kB	2024-05-02	2024-06-04
Pretty URL secureanalytic.com/scripts/push/script/02eyoyxdkz?url=flaredownload.com IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 23:53:13 Last Seen2024-06-04 01:29:15 Times Seen182 Hash f0fab3cc04750bba62119045aad0cca4 c4bac1f34757d7d9553b0f9d23b1d419e908e62e 4590979b3d0fa22e8974e8b9d80124d0f02b6accbb154ff6e9c67b59e9fcf2c6 Loading...

	flaredownload.com/assets/hl-49fdde2e.js	2.1 kB	2024-05-10	2024-05-13
Pretty URL flaredownload.com/assets/hl-49fdde2e.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 19:02:52 Last Seen2024-05-13 21:54:08 Times Seen11 Hash 17c869d1ae1748dd3068b65cc5923299 e59804d22162954641599922717367cfe3831747 46650210e7dc77ac6fa81643b6126d63e7f1ee4854634d4eebb0c5c71fba5545 Loading...

	flaredownload.com/assets/hl-81b37d5e.js	529 B	2024-05-10	2024-05-13
Pretty URL flaredownload.com/assets/hl-81b37d5e.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-10 17:27:22 Last Seen2024-05-13 21:54:08 Times Seen13 Hash 65f7e0db25192bc8565cd9ed8696c10c 038ea27a002a5f6242da70e7babdf9b629004024 914af13dc059d7d66e0f63672d73dbdeee505bbcb95cec847ba62ae7e8ff4120 Loading...

	flaredownload.com/assets/hl-f5b35e57.js	561 B	2024-05-10	2024-05-13
Pretty URL flaredownload.com/assets/hl-f5b35e57.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-10 17:27:22 Last Seen2024-05-13 21:55:47 Times Seen19 Hash fb20ef11c973bdc57eced1a032aada0f 546100cd7732a9dc2c3b7d594d980e7205978d49 f581552cced005fe709cbc03b02b91ecebcb3472af50db5c2e6e361e2868aa09 Loading...

	flaredownload.com/assets/hl-35a77ba0.js	72 kB	2024-04-18	2024-06-04
Pretty URL flaredownload.com/assets/hl-35a77ba0.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-18 12:16:42 Last Seen2024-06-04 01:29:15 Times Seen272 Hash f87da472e47dc575b6cb8dc377d18916 bff262654ae71f3be0a658cfbe5a53c787c05d55 5c38207c92f3650eaef6616521c8b1e0a03ceb384030f1c2b67cb75e25925ca8 Loading...

	flaredownload.com/assets/hl-7899f489.js	7.1 kB	2024-05-10	2024-05-13
Pretty URL flaredownload.com/assets/hl-7899f489.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 19:02:52 Last Seen2024-05-13 21:54:08 Times Seen11 Hash 1237d98dc7359967793e90b2b11efd03 c5284f1fb3894e8aaf20729bc2561dc1c28f9239 5efdfa92f986beb8e2073e00157e12dcaa49074fd9dca4457042304ef6417440 Loading...

	flaredownload.com/assets/hl-06c5bc34.js	418 B	2024-05-10	2024-05-13
Pretty URL flaredownload.com/assets/hl-06c5bc34.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-10 17:27:22 Last Seen2024-05-13 21:55:47 Times Seen19 Hash 4d37a7c81c17c52fbf4d6c7523c1c858 a1d172b388f82dbc1e419e40eabb673b901b7d13 01b4b0a16f00658c8422aec4f3608f20882c1d0296411671dd95a4b8caa8f8b9 Loading...

	flaredownload.com/assets/hl-403ae525.js	687 B	2024-05-10	2024-05-13
Pretty URL flaredownload.com/assets/hl-403ae525.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-10 17:27:22 Last Seen2024-05-13 21:54:08 Times Seen13 Hash 00821a43bb50df969e8f532d13db862f 0b480632aa56e14b3cdaff4bcb8167defd4992f4 6e3fd1f79955f6401df6f64f5cd2fa0bfe9b3ba6a559a7f7a4a1dd7ebd54488b Loading...

	flaredownload.com/assets/hl-1ae908b8.js	1.9 kB	2024-05-10	2024-05-13
Pretty URL flaredownload.com/assets/hl-1ae908b8.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-10 17:27:22 Last Seen2024-05-13 21:55:47 Times Seen17 Hash 6c5c4dcb6f88dc9fcde6f82f4609184a 6c0db42615f1d304b7e6f8e65017a837548960c1 32dae317eda7232c43006b890a9f63a2188a05e8160859df973ec85bd5f93939 Loading...

	flaredownload.com/assets/hl-bc49037c.js	3.2 kB	2024-05-10	2024-05-13
Pretty URL flaredownload.com/assets/hl-bc49037c.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 19:02:52 Last Seen2024-05-13 21:55:48 Times Seen13 Hash dd08f2e9f034a200e49f0389ec1a56f9 fa4ceaab23c7e647044b4d475c3c4694823a8c93 0d7e6a0cb0daa83644e9a0283ea960891015f6da360b5381a1290712e3c22a66 Loading...

	flaredownload.com/assets/hl-496efccd.js	915 B	2024-05-10	2024-05-13
Pretty URL flaredownload.com/assets/hl-496efccd.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-10 17:27:22 Last Seen2024-05-13 21:55:48 Times Seen17 Hash d156ea9fae9982e1a06e0ef452728f11 356aa4e85b5d617349120c7c255812399a934838 984ccfe49addddfc142bdfc19558828f6ae70d1ea6f25cdcc5033fd8449a695e Loading...

	flaredownload.com/assets/hl-d7413dd4.js	5.0 kB	2024-05-10	2024-05-13
Pretty URL flaredownload.com/assets/hl-d7413dd4.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-10 17:27:22 Last Seen2024-05-13 21:55:47 Times Seen17 Hash 8e9a9328207f5297d1b455e2a7cfac45 19e1b94e1db95e9f37840e2ed64e40bfd4e8a758 d691bedcf9c5c4271cf0e478f5d4756261ed81a349526073651b6d2b5864857a Loading...

	flaredownload.com/assets/hl-de833af9.js	690 B	2023-11-04	2024-06-04
Pretty URL flaredownload.com/assets/hl-de833af9.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2023-11-04 19:20:12 Last Seen2024-06-04 01:29:15 Times Seen270 Hash 07f4201d4f772dc3825f3399bb217552 e70c0af48037b02ab9ea515952b889f9eb7bcdb1 5103bcdb5637c56d4a70564479cef8e07ec2d3f00620b428cdb36c28c430d906 Loading...

	flaredownload.com/assets/hl-3e162dba.js	779 B	2024-05-10	2024-05-13
Pretty URL flaredownload.com/assets/hl-3e162dba.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 17:27:22 Last Seen2024-05-13 21:55:47 Times Seen17 Hash 7d42f7c06a30033213a4d753510782ab 9772deea0561515af1c7f80fe011475502842e76 0ddd5c1bd350858a9225e0186b8d16d9d6ced42133e12d939fc156424cb191e8 Loading...

	flaredownload.com/assets/hl-a61a69c3.js	268 kB	2024-05-10	2024-05-13
Pretty URL flaredownload.com/assets/hl-a61a69c3.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 17:27:22 Last Seen2024-05-13 21:55:48 Times Seen37 Hash 7098d9d54596a85e29ba4fb43d7adb65 a00378fee4d268b6c0013e6dc628dc190a6ed99f f3331b5213a71df12356649e86b5f89b7f1e5ff0280fdecfbae3e56271a73c30 Loading...

	flaredownload.com/assets/hl-edb2da2a.js	1.4 kB	2024-04-18	2024-05-20
Pretty URL flaredownload.com/assets/hl-edb2da2a.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-18 12:16:43 Last Seen2024-05-20 16:11:53 Times Seen177 Hash 0fb9d8a5fba7f6a569da52896f965ea3 6e57202028341c2674083acf9e428817c6725c6c 30137b4b0317a40d0c195fff2b2cd054bb39adf2fb94d357f269cb36e3c11581 Loading...

	flaredownload.com/assets/hl-477fd99d.js	1.4 kB	2024-05-10	2024-05-13
Pretty URL flaredownload.com/assets/hl-477fd99d.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-10 17:27:22 Last Seen2024-05-13 21:55:47 Times Seen17 Hash 284063d738ea348f8c8543f5e9412c6d 0b95d7c7f4e28408ac6f5373643d9d096f37eecb dd511635e3e2a78a65a1ba5b8a85f5c8cfa4626154466f55dd91b2cc475ac5f9 Loading...

	flaredownload.com/assets/hl-cf3f4bed.js	616 B	2024-05-10	2024-05-13
Pretty URL flaredownload.com/assets/hl-cf3f4bed.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 17:27:22 Last Seen2024-05-13 21:55:47 Times Seen17 Hash 4d41cfde755acbd45dbd2f760861e891 3b40bf6d9316e091eee20c57d532c87b003f9f09 e54c27d8bf10a7bd51659ea8fdff0bfe3546079a728437d4cdcebb77e2b232f2 Loading...

HTTP Transactions (61)

URL IP Response Size

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
1a6d64080fc97d69b0ada02c992ec696
ffa0b1cf2cd7e4dc9d7809715e44a11a893d9090
5f016be1410503ceb5776e2dca68d1f5d7012a72d2d26cf6e160aec6a9918ab1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 10 May 2024 20:13:07 GMT
Last-Modified: Fri, 10 May 2024 19:30:24 GMT
Server: ECAcc (amb/6A94)
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 65paRJMBe0KbvYC7Hwe9N68Q9oCVO_D1HVfNofytjYbvi40EvFAVcg==
Age: 2563

go.greenlinknow.com/t/clk?id=bLH31X1s9QIYZjSQ&s1=663e7fadd3556e000162c2e1&s2=154527659609a3189c0518324ac14aea2&rl=gJNzIA96foPL&redirect-from=0MHezmzuL7cMALfZ&rcode=R02&rseq=R02,R02,R02

34.199.31.32

302 Found

0 B

URL User Request GET HTTP/2
go.greenlinknow.com/t/clk?id=bLH31X1s9QIYZjSQ&s1=663e7fadd3556e000162c2e1&s2=154527659609a3189c0518324ac14aea2&rl=gJNzIA96foPL&redirect-from=0MHezmzuL7cMALfZ&rcode=R02&rseq=R02,R02,R02
IP
34.199.31.32:443
ASN
#14618 AMAZON-AES

Certificate
IssuerAmazon
Subject*.greenlinknow.com
Fingerprint50:1E:2E:70:CB:1C:84:ED:EB:C0:D2:DB:CA:87:BE:1E:66:31:57:19
ValidityMon, 18 Dec 2023 00:00:00 GMT - Tue, 14 Jan 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /t/clk?id=bLH31X1s9QIYZjSQ&s1=663e7fadd3556e000162c2e1&s2=154527659609a3189c0518324ac14aea2&rl=gJNzIA96foPL&redirect-from=0MHezmzuL7cMALfZ&rcode=R02&rseq=R02,R02,R02 HTTP/1.1
Host: go.greenlinknow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 10 May 2024 20:13:08 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://go.greenlinknow.com/t/clk?id=dlHABxBhnetv1Js3&s1=663e7fadd3556e000162c2e1&s2=154527659609a3189c0518324ac14aea2&rl=8204I613s1gqtN4W&redirect-from=0MHezmzuL7cMALfZ&rcode=R02&rseq=R02,R02,R02,R02
server: nginx/1.14.2
cache-control: no-transform
x-frame-options: SAMEORIGIN
vary: Accept-Language, Cookie, Origin
content-language: en
set-cookie: ydt_a31a0322edef4efaa328c3e667d70925="[]:1s5Wc8:KiyX8rZgVVaUpTGJ8jNpcbH3h8g"; expires=Sun, 09 Jun 2024 22:13:08 GMT; Max-Age=2599200; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2

go.greenlinknow.com/t/clk?id=dlHABxBhnetv1Js3&s1=663e7fadd3556e000162c2e1&s2=154527659609a3189c0518324ac14aea2&rl=8204I613s1gqtN4W&redirect-from=0MHezmzuL7cMALfZ&rcode=R02&rseq=R02,R02,R02,R02

34.199.31.32

302 Found

0 B

URL User Request GET HTTP/2
go.greenlinknow.com/t/clk?id=dlHABxBhnetv1Js3&s1=663e7fadd3556e000162c2e1&s2=154527659609a3189c0518324ac14aea2&rl=8204I613s1gqtN4W&redirect-from=0MHezmzuL7cMALfZ&rcode=R02&rseq=R02,R02,R02,R02
IP
34.199.31.32:443
ASN
#14618 AMAZON-AES

Certificate
IssuerAmazon
Subject*.greenlinknow.com
Fingerprint50:1E:2E:70:CB:1C:84:ED:EB:C0:D2:DB:CA:87:BE:1E:66:31:57:19
ValidityMon, 18 Dec 2023 00:00:00 GMT - Tue, 14 Jan 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /t/clk?id=dlHABxBhnetv1Js3&s1=663e7fadd3556e000162c2e1&s2=154527659609a3189c0518324ac14aea2&rl=8204I613s1gqtN4W&redirect-from=0MHezmzuL7cMALfZ&rcode=R02&rseq=R02,R02,R02,R02 HTTP/1.1
Host: go.greenlinknow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ydt_a31a0322edef4efaa328c3e667d70925="[]:1s5Wc8:KiyX8rZgVVaUpTGJ8jNpcbH3h8g"
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Fri, 10 May 2024 20:13:08 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
server: nginx/1.14.2
cache-control: no-transform
x-frame-options: SAMEORIGIN
vary: Accept-Language, Cookie, Origin
content-language: en
set-cookie: uip="[\"eYCX1D8rv\"\054 {\"apyK\": \"8x6YJVV\"}]:1s5Wc8:BlyZBzaps0awrTIjv7HJHfJ5s8w"; expires=Sun, 09 Jun 2024 20:13:08 GMT; Max-Age=2592000; Path=/
ydt_a31a0322edef4efaa328c3e667d70925="[\"b408c83a-304c-439b-b94d-b6cff2165c7e\"]:1s5Wc8:bFRGBhYqMAZbFaktf1gFnMkqmck"; expires=Sun, 09 Jun 2024 22:13:08 GMT; Max-Age=2599200; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2

secureanalytic.com/scripts/push/script/02eyoyxdkz?url=flaredownload.com

188.114.97.1

200 OK

2.5 kB

URL GET HTTP/2
secureanalytic.com/scripts/push/script/02eyoyxdkz?url=flaredownload.com
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerLet's Encrypt
Subjectsecureanalytic.com
FingerprintE8:56:22:9E:5D:B8:81:BD:9C:20:0E:24:64:BE:C4:CA:4E:D6:C9:63
ValidityFri, 29 Mar 2024 10:27:40 GMT - Thu, 27 Jun 2024 10:27:39 GMT

File type
JavaScript source, ASCII text, with very long lines (8142)
Size
2.5 kB (2521 bytes)
Hash
f0fab3cc04750bba62119045aad0cca4
c4bac1f34757d7d9553b0f9d23b1d419e908e62e
4590979b3d0fa22e8974e8b9d80124d0f02b6accbb154ff6e9c67b59e9fcf2c6

HTTP Headers

GET /scripts/push/script/02eyoyxdkz?url=flaredownload.com HTTP/1.1
Host: secureanalytic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/javascript;charset=UTF-8
content-length: 2521
content-encoding: gzip
expires: 0
cache-control: max-age=14400, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-cache-status: HIT
age: 5
last-modified: Fri, 10 May 2024 20:13:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rvnf9vYJ7Mq1fYiFJqr%2BqHsRjFKEFfIr5nQSffkaA%2BW%2B1GpNlP2aY1MFze73ThLVgvXiuFnBO4ok%2BD89qjqEWo8ehtaGEi8YvLB6qf%2B9j9HP0PffJQIe77x5LAsbVoYbWsGxdi8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881c9694fa2e568f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

event.secureanalytic.com/register/event_log/v9e179lqez

188.114.96.1

200 OK

0 B

URL POST HTTP/2
event.secureanalytic.com/register/event_log/v9e179lqez
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerLet's Encrypt
Subjectsecureanalytic.com
FingerprintE8:56:22:9E:5D:B8:81:BD:9C:20:0E:24:64:BE:C4:CA:4E:D6:C9:63
ValidityFri, 29 Mar 2024 10:27:40 GMT - Thu, 27 Jun 2024 10:27:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /register/event_log/v9e179lqez HTTP/1.1
Host: event.secureanalytic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://flaredownload.com/
Origin: https://flaredownload.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-length: 0
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-headers: content-type
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
access-control-allow-methods: POST
x-frame-options: SAMEORIGIN
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
access-control-max-age: 1800
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N%2Fn%2FiDTWhM%2BltLxeud2r4BKgzOx4UNtT2ckADBPqktdNeV0n%2FVmnLl7Y9D%2BOQAAWxlo580E%2F3Ll2xM78%2F8YLELeIRVzbs9TjdwwOV40Z7QBNjeC9YKTim3zdM7yEYccEh4RJf%2FDDaB8n%2B2Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881c9695bcc41c12-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

flaredownload.com/assets/hl-49fdde2e.js

104.21.19.111

200 OK

1.3 kB

URL GET HTTP/3
flaredownload.com/assets/hl-49fdde2e.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
gzip compressed data, from Unix
Size
1.3 kB (1344 bytes)
Hash
c78d2fd45ac104bf390d7d4a00f7b85d
1b99edb71eb99398147d0b76f91825f56049011f
6fe8cd0f9b05c18d3c6b8a1d2f4443791772ac1f5ac90f1579c6b3781624fc2f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-49fdde2e.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-f93eab01.js
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=2078
access-control-allow-origin: *
etag: W/"663e1dab-81e"
last-modified: Fri, 10 May 2024 13:14:19 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SngX5sDDrEMu7uu%2BfSCgF6xIPow1X4bJvZ5vF3u5qPEBMSV5pcKYW%2B2mbjX4G0qEcWNFT3IUiywx%2ByM69Ib%2BakyrEtZzvicDcTLWgmY4q8iNqv6KKfAzbTr2ftCWzntNnJfZHyQrug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
server: cloudflare
cf-ray: 881c96951c970b59-OSL
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Roboto:300,400,500,700

142.250.74.106

200 OK

1.2 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
1.2 kB (1216 bytes)
Hash
a2c3113dbd017677e7f2c3ed6e40114e
b9c42ac0d5b4117868f31bcf05c53a516666e2f8
ffd0a7fa0b01a23fdb4758025aa556f9cc72bc103cb7c8c5b8689cf656422787

HTTP Headers

GET /css?family=Roboto:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 20:13:09 GMT
date: Fri, 10 May 2024 20:13:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

event.secureanalytic.com/register/event_log/v9e179lqez

188.114.96.1

200 OK

0 B

URL POST HTTP/2
event.secureanalytic.com/register/event_log/v9e179lqez
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerLet's Encrypt
Subjectsecureanalytic.com
FingerprintE8:56:22:9E:5D:B8:81:BD:9C:20:0E:24:64:BE:C4:CA:4E:D6:C9:63
ValidityFri, 29 Mar 2024 10:27:40 GMT - Thu, 27 Jun 2024 10:27:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /register/event_log/v9e179lqez HTTP/1.1
Host: event.secureanalytic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/
Content-type: application/json
Content-Length: 103
Origin: https://flaredownload.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-length: 0
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-pushplatformapp-params: 
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
x-frame-options: SAMEORIGIN
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yyepI%2B401uxMdH61qTFYvI2Srq8Es3PBrf0j683906ZTWl5cS4Hrc22i3O4ztRbPxHk8eaNjykqg26KMyv3GWiGXz6VHO7smT%2BLarWUP9WCeRCfOQ%2BGXhjpEf49pEmv2%2F5kx2lj2K89WQdo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881c96968d4a1c12-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

flaredownload.com/assets/hl-f5b35e57.js

104.21.19.111

200 OK

7.0 kB

URL GET HTTP/3
flaredownload.com/assets/hl-f5b35e57.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
gzip compressed data, from Unix
Size
7.0 kB (7037 bytes)
Hash
4ddd1f8e8ea866e98d31df71ca3c8cd1
77675196822e40501cd221c2a7c883d18c4cf065
655a34eca4e638a2913bebb6cc1f29a94902515d255f00bff1c7ffe7b638cfe1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-f5b35e57.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=562
access-control-allow-origin: *
etag: W/"663e1dab-232"
last-modified: Fri, 10 May 2024 13:14:19 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BjmlHBeNS5%2B%2BXD3yu2nsFHK4QVE5nZCmvsZCAOwzDQMLuTXKd3UjgxqMjhsIunX5pkjgmQQ3XgyRHi1GefJc2aFRWvXmTSGTIyv%2B5240lV%2Fd2YcHV9zGwZlt%2Fh80%2Fhskw8mCWNQUNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
server: cloudflare
cf-ray: 881c9695ad4a0b59-OSL

flaredownload.com/prod/images/b8951ec12fcbc404228c41b98bf7dc05.png

104.21.19.111

200 OK

917 B

URL GET HTTP/3
flaredownload.com/prod/images/b8951ec12fcbc404228c41b98bf7dc05.png
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
917 B (917 bytes)
Hash
ae126dcdf8581afd4f5287e47a865c4b
467a70ace4e8ba22c6d060de9a51041158c93d0f
584e53768bb90991e7b60eb7ecc2c5d9c26dd9a4f782a104030348c9b82cf473

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /prod/images/b8951ec12fcbc404228c41b98bf7dc05.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: image/png
content-length: 917
last-modified: Fri, 26 Apr 2024 11:41:56 GMT
etag: "662b9304-395"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zZG8gN5SOeskEqQm8M5OkCdEzsZwFy0MuPZQvR%2FjOGaR82eOtXs7iAm%2Bf5Gja6Sotn93EkhP1%2FarH6gMKOKfhT%2Fzu14czwakYuTq2JeCBxV7xYbat70EK2ILXaP6qWFiQX34ouNQyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 4
accept-ranges: bytes
server: cloudflare
cf-ray: 881c9697bf7a0b59-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-81b37d5e.js

104.21.19.111

200 OK

5.8 kB

URL GET HTTP/3
flaredownload.com/assets/hl-81b37d5e.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
gzip compressed data, from Unix
Size
5.8 kB (5784 bytes)
Hash
73e8be61c5f726f33898c3144f630208
8187dc9565fa670ff0b768c72c618242185a6a7b
95ad5088b41100bea3f74d7e12991fa5906f8ee0d7342dd86b0b2c77d84fbf00

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-81b37d5e.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-7899f489.js
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=530
access-control-allow-origin: *
etag: W/"663e1dab-212"
last-modified: Fri, 10 May 2024 13:14:19 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OKG9EaHtvIGekMFxrAxYaWng1pLvzXeN33TIRu6GHQyCTXvCl3vXrWWwM6FmCH%2BtHDljEji%2BwWRHrwTttNAAM6S4mD5tTTjS0uHkvErB6P6eIDGSKFFFkkpJ%2B7SPl9WV5fV9kwExFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
server: cloudflare
cf-ray: 881c96977f2b0b59-OSL

flaredownload.com/assets/hl-403ae525.js

104.21.19.111

200 OK

5.2 kB

URL GET HTTP/3
flaredownload.com/assets/hl-403ae525.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
gzip compressed data, from Unix
Size
5.2 kB (5249 bytes)
Hash
f2001b4b99be5822def06cc573d9f326
79bb65682a0d599f645ba171ba53d09f84ec299c
9c66e5739c86e283878874b45f3618f183198763e3c593e5509f72229c823bb5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-403ae525.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-7899f489.js
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=688
access-control-allow-origin: *
etag: W/"663e1dab-2b0"
last-modified: Fri, 10 May 2024 13:14:19 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ULlQi7irXf7X16QoHcU8LXFEOVd4Hu51f5u2bYef130EcorZnzm71XUG4HomO4g%2B7TkNfYdBOKBfkZJN%2FZ%2BiiA0TKhSYWLS%2BL7x4uhtOFRmcC7Z8HvX62JD9NI8%2BR2Fe5l6F9iC%2Fag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
server: cloudflare
cf-ray: 881c96977f310b59-OSL

flaredownload.com/assets/hl-d7413dd4.js

104.21.19.111

200 OK

2.5 kB

URL GET HTTP/3
flaredownload.com/assets/hl-d7413dd4.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
gzip compressed data, from Unix
Size
2.5 kB (2478 bytes)
Hash
8f6bd59b397a957623395dc3e3dfd6d8
a0b8b6a9fed332afdc2bca5157dd6dc5784e9295
87f1a6f4e5406b7246afe4bc058c94d1a21d0fef08c70de65d55ff952aabfa5c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-d7413dd4.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-7899f489.js
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5041
access-control-allow-origin: *
etag: W/"663e1dab-13b1"
last-modified: Fri, 10 May 2024 13:14:19 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4v%2B0oAE9NKXhwA6Rb7yoxNXFCX%2BuhUx1KvZxYh09T3ejCduMBYcgUXXNAIBnuZsluXyZ%2B9Yiwmf09CwAMjMlizOsnOabtiFgaY8sWXZ%2B91bxpPS8VT3ZErs6xT9okpLPey5F%2BWVzNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
server: cloudflare
cf-ray: 881c96977f320b59-OSL

flaredownload.com/prod/images/8cc59accec24f33766b15adf267e9641.png

104.21.19.111

200 OK

723 B

URL GET HTTP/3
flaredownload.com/prod/images/8cc59accec24f33766b15adf267e9641.png
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
PNG image data, 60 x 60, 8-bit colormap, non-interlaced
Size
723 B (723 bytes)
Hash
ba8f10079cf5a5f5cffd4312e047db3d
2864af04fbdb64a20c8e1c2615a0401fca4bc956
e157263323db5ea8e56113a9119f4733b0a8130563d87e20e1b3575f4f22620c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /prod/images/8cc59accec24f33766b15adf267e9641.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: image/png
content-length: 723
last-modified: Fri, 26 Apr 2024 11:41:56 GMT
etag: "662b9304-2d3"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p9XlrCcJw3P08JTRoUky75%2FDWHUQAH0faUK8fye%2FSWn9AYhXJTahN0ck%2FMjD1pE6CdjiDdRFsdBpGC2T4SwZ34FzaCFBcPWyfzfKFKTvn4idQSiKdifzBNCdqeWro%2FJ%2Bth6eXl%2BaSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
accept-ranges: bytes
server: cloudflare
cf-ray: 881c96983fd20b59-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/prod/images/db126da1b71e69a76e54d2f4139a347c.png

104.21.19.111

200 OK

220 B

URL GET HTTP/3
flaredownload.com/prod/images/db126da1b71e69a76e54d2f4139a347c.png
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
PNG image data, 72 x 48, 4-bit colormap, non-interlaced
Size
220 B (220 bytes)
Hash
f1063acb225b213d5fa9b231ee16cd25
e549decdc41f5ee29e75387f32470d90ee772787
4ee13f508c5a43754521cc34fd490bfb72daa996baaa558fa8638586371b1752

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /prod/images/db126da1b71e69a76e54d2f4139a347c.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: image/png
content-length: 220
last-modified: Fri, 26 Apr 2024 11:41:56 GMT
etag: "662b9304-dc"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GYUJV8thoNmGTeyKXV10e70sqH1UWLBso%2BS6u0UnDveOCJV%2BToZUgZuv8BHZhMsv1mvKoxyTr0qw2tRLx0%2F%2B41ilnCrxxwQbkJQuYYEpgUCFm8q%2FB6XUm6R3zNmZCjEUpcTq9GVShQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
accept-ranges: bytes
server: cloudflare
cf-ray: 881c96983fd90b59-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/prod/images/a032b8243950801928214bc5092e9764.png

104.21.19.111

200 OK

110 B

URL GET HTTP/3
flaredownload.com/prod/images/a032b8243950801928214bc5092e9764.png
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
PNG image data, 48 x 48, 1-bit colormap, non-interlaced
Size
110 B (110 bytes)
Hash
09d6a9ebc45af5c5367f0a216e6234d7
357bb5d08644fbe599d34d165652dc19afe0df9c
5fda2ac54507259375f4107937b24a9c42302725c816cfd1620e84a526c734b1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /prod/images/a032b8243950801928214bc5092e9764.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: image/png
content-length: 110
last-modified: Fri, 26 Apr 2024 11:41:56 GMT
etag: "662b9304-6e"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d8%2FKASo2%2FfzVvmX5AcdhTjFhvcu6%2FcmQZpl6CH80cUd4Me3V6IFdcXP3PrCoE8CToHvZjZQtKmZid2drJQyZkeGQ%2FQJuSgPVWV4gLDUu66uiloOigoEDQny1doS%2FCj3EZvTXfrYdNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
accept-ranges: bytes
server: cloudflare
cf-ray: 881c96983fd50b59-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/prod/images/0a0c25c3671252ddad1a0a2c61b4aa3e.png

104.21.19.111

200 OK

736 B

URL GET HTTP/3
flaredownload.com/prod/images/0a0c25c3671252ddad1a0a2c61b4aa3e.png
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
PNG image data, 60 x 60, 8-bit colormap, non-interlaced
Size
736 B (736 bytes)
Hash
3e81792d1c3c845ca714ccb6d622a5cb
370d33f46430e85060c11f8d0d325b963743e738
039b1d9bc03573a402798799c1d0dbef6f03979e51ccf3576d2cfb07112b4145

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /prod/images/0a0c25c3671252ddad1a0a2c61b4aa3e.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: image/png
content-length: 736
last-modified: Fri, 26 Apr 2024 11:41:56 GMT
etag: "662b9304-2e0"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DuH63%2BKyapLzr0OOcHoTaDP1qFuQUKxJI%2F6Zb5xLvvjWo8FfJaFVV0SaoD%2BJCJWRaiGl4XQcGuXbcy71B5D5WftJBugpv0Ud%2FPcbTGH6yS3JZJr%2FBNuXcC2qpjZgJL0HV8ogWcRjrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
accept-ranges: bytes
server: cloudflare
cf-ray: 881c96984fe10b59-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-35a77ba0.js

104.21.19.111

200 OK

32 kB

URL GET HTTP/3
flaredownload.com/assets/hl-35a77ba0.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
gzip compressed data, from Unix
Size
32 kB (31805 bytes)
Hash
8316474f05522cb1b29dc4ec347ada52
a9e238603d619de9c74fd879556be45639ab794b
72205e6bc5ac1a5964597364945e393468e2a0d4a3b3c8a4af82aa98baee6a9a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-35a77ba0.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-7899f489.js
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=72018
access-control-allow-origin: *
etag: W/"663e1dab-11952"
last-modified: Fri, 10 May 2024 13:14:19 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y55ii%2BKFKY98j%2F%2BcSjB3ARdLne9Sq%2Bra3JKFImvoNur1xBF7JKhEmW6VB%2BhrbBVDIuF2n5QTmEFk6VUaHT47CzoR%2F%2BpZvpEEhzsz2%2BNuRXQPhM1bwdPrY%2Fqtyw1TFMZkNVMZNL70bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
server: cloudflare
cf-ray: 881c96977f340b59-OSL

flaredownload.com/assets/hl-de833af9.js

104.21.19.111

200 OK

5.2 kB

URL GET HTTP/3
flaredownload.com/assets/hl-de833af9.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
gzip compressed data, from Unix
Size
5.2 kB (5169 bytes)
Hash
34c9c40e95efa426f3c1f4de344c4eb2
a8c8c2de1597cf0d261591141f4c9c2b31d5e042
ea22b9dd35578d95d1f71927588e9f8bfa90c550140305b8e193c0b54b667bb6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-de833af9.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-7899f489.js
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=691
access-control-allow-origin: *
etag: W/"663e1dab-2b3"
last-modified: Fri, 10 May 2024 13:14:19 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hbLO4f%2BBFgX2lcUYFYAmF6fTAhIwUIrB24uyEHibXFRkb2Wksrb7FMEQ8FtT72EpTujmaGiVm2kxtOHufpFSd%2BQMrrN9FcYM0VmRTzplrXqBnkITXJ8bGDBvlpWE6WCluW2gMFiI0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
server: cloudflare
cf-ray: 881c96977f360b59-OSL

flaredownload.com/prod/images/d6f1a49d2bef9aed973072b6061b3cbc.png

104.21.19.111

200 OK

1.1 kB

URL GET HTTP/3
flaredownload.com/prod/images/d6f1a49d2bef9aed973072b6061b3cbc.png
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
PNG image data, 142 x 116, 8-bit colormap, non-interlaced
Size
1.1 kB (1089 bytes)
Hash
cf1125dc9e8565471095b2315121607f
4587708c5f5abb1f9e5edfa01df0db5231dc6384
b6834940fa7f64a908522d2f88d6487b2da1580f6ae729e7cb8f7088c9b9204e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /prod/images/d6f1a49d2bef9aed973072b6061b3cbc.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: image/png
content-length: 1089
last-modified: Fri, 26 Apr 2024 11:41:56 GMT
etag: "662b9304-441"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5O2dz2jsF5%2B92QiiWR6BhHu1kxduQ5mSWcYIAoNzUxy5xjFWFhLG%2Fl4VSrO%2FthPxeuTKmjVblI4cyR5eHXYlrSWE0betP4SqRRJOuOq6RrL0AtXDQPRPXAE2aNArF3Vma15MG73abw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
accept-ranges: bytes
server: cloudflare
cf-ray: 881c9698881c0b59-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/prod/images/8cc59accec24f33766b15adf267e9641.png

104.21.19.111

200 OK

723 B

URL GET HTTP/3
flaredownload.com/prod/images/8cc59accec24f33766b15adf267e9641.png
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
PNG image data, 60 x 60, 8-bit colormap, non-interlaced
Size
723 B (723 bytes)
Hash
ba8f10079cf5a5f5cffd4312e047db3d
2864af04fbdb64a20c8e1c2615a0401fca4bc956
e157263323db5ea8e56113a9119f4733b0a8130563d87e20e1b3575f4f22620c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /prod/images/8cc59accec24f33766b15adf267e9641.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: image/png
content-length: 723
last-modified: Fri, 26 Apr 2024 11:41:56 GMT
etag: "662b9304-2d3"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p9XlrCcJw3P08JTRoUky75%2FDWHUQAH0faUK8fye%2FSWn9AYhXJTahN0ck%2FMjD1pE6CdjiDdRFsdBpGC2T4SwZ34FzaCFBcPWyfzfKFKTvn4idQSiKdifzBNCdqeWro%2FJ%2Bth6eXl%2BaSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
accept-ranges: bytes
server: cloudflare
cf-ray: 881c9698881d0b59-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/prod/images/a032b8243950801928214bc5092e9764.png

104.21.19.111

200 OK

110 B

URL GET HTTP/3
flaredownload.com/prod/images/a032b8243950801928214bc5092e9764.png
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
PNG image data, 48 x 48, 1-bit colormap, non-interlaced
Size
110 B (110 bytes)
Hash
09d6a9ebc45af5c5367f0a216e6234d7
357bb5d08644fbe599d34d165652dc19afe0df9c
5fda2ac54507259375f4107937b24a9c42302725c816cfd1620e84a526c734b1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /prod/images/a032b8243950801928214bc5092e9764.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: image/png
content-length: 110
last-modified: Fri, 26 Apr 2024 11:41:56 GMT
etag: "662b9304-6e"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d8%2FKASo2%2FfzVvmX5AcdhTjFhvcu6%2FcmQZpl6CH80cUd4Me3V6IFdcXP3PrCoE8CToHvZjZQtKmZid2drJQyZkeGQ%2FQJuSgPVWV4gLDUu66uiloOigoEDQny1doS%2FCj3EZvTXfrYdNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
accept-ranges: bytes
server: cloudflare
cf-ray: 881c969888210b59-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/prod/images/db126da1b71e69a76e54d2f4139a347c.png

104.21.19.111

200 OK

220 B

URL GET HTTP/3
flaredownload.com/prod/images/db126da1b71e69a76e54d2f4139a347c.png
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
PNG image data, 72 x 48, 4-bit colormap, non-interlaced
Size
220 B (220 bytes)
Hash
f1063acb225b213d5fa9b231ee16cd25
e549decdc41f5ee29e75387f32470d90ee772787
4ee13f508c5a43754521cc34fd490bfb72daa996baaa558fa8638586371b1752

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /prod/images/db126da1b71e69a76e54d2f4139a347c.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: image/png
content-length: 220
last-modified: Fri, 26 Apr 2024 11:41:56 GMT
etag: "662b9304-dc"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GYUJV8thoNmGTeyKXV10e70sqH1UWLBso%2BS6u0UnDveOCJV%2BToZUgZuv8BHZhMsv1mvKoxyTr0qw2tRLx0%2F%2B41ilnCrxxwQbkJQuYYEpgUCFm8q%2FB6XUm6R3zNmZCjEUpcTq9GVShQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
accept-ranges: bytes
server: cloudflare
cf-ray: 881c969888230b59-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/prod/images/0a0c25c3671252ddad1a0a2c61b4aa3e.png

104.21.19.111

200 OK

736 B

URL GET HTTP/3
flaredownload.com/prod/images/0a0c25c3671252ddad1a0a2c61b4aa3e.png
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
PNG image data, 60 x 60, 8-bit colormap, non-interlaced
Size
736 B (736 bytes)
Hash
3e81792d1c3c845ca714ccb6d622a5cb
370d33f46430e85060c11f8d0d325b963743e738
039b1d9bc03573a402798799c1d0dbef6f03979e51ccf3576d2cfb07112b4145

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /prod/images/0a0c25c3671252ddad1a0a2c61b4aa3e.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: image/png
content-length: 736
last-modified: Fri, 26 Apr 2024 11:41:56 GMT
etag: "662b9304-2e0"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DuH63%2BKyapLzr0OOcHoTaDP1qFuQUKxJI%2F6Zb5xLvvjWo8FfJaFVV0SaoD%2BJCJWRaiGl4XQcGuXbcy71B5D5WftJBugpv0Ud%2FPcbTGH6yS3JZJr%2FBNuXcC2qpjZgJL0HV8ogWcRjrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
accept-ranges: bytes
server: cloudflare
cf-ray: 881c969888250b59-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/prod/images/f1239f7cb9bbbfc719d60b288619d7de.png

104.21.19.111

200 OK

113 kB

URL GET HTTP/3
flaredownload.com/prod/images/f1239f7cb9bbbfc719d60b288619d7de.png
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
PNG image data, 993 x 546, 8-bit colormap, non-interlaced
Size
113 kB (113379 bytes)
Hash
d8d5a5e33a87b192a74126bbaf431726
febdcfef57d6d6d8a7b81c46f30d47a065d7e0df
f09f3901c52fc5ec1650f763efcd1f2b41694db31a6d3e135a1c5cf020e1e490

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /prod/images/f1239f7cb9bbbfc719d60b288619d7de.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: image/png
content-length: 113379
last-modified: Fri, 26 Apr 2024 11:41:56 GMT
etag: "662b9304-1bae3"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iSCRfAon74RKU8e0LIGKJCqOvnrKN1%2F8M9%2F8eHIaLQDaHm%2FIPq9l6TMCNT%2BdKsekQHRVecWpDfXQqrSV3HoUIveoOVA9QMjRIQ4uz3sz4jJ4w9ygluFYbKn0yDEyqBdnYRuzJggOug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
accept-ranges: bytes
server: cloudflare
cf-ray: 881c969888270b59-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/prod/images/f1239f7cb9bbbfc719d60b288619d7de.png

104.21.19.111

200 OK

688 kB

URL GET HTTP/3
flaredownload.com/prod/images/f1239f7cb9bbbfc719d60b288619d7de.png
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
PNG image data, 993 x 546, 8-bit colormap, non-interlaced
Size
688 kB (688446 bytes)
Hash
7cfeeb18ea9d667526b8e3dd974d2f90
f5d819b4f25bebdfe711f845164fd5e7856d0c38
9c49ffe52e00d20e4aebb288f4f0a812f6fe532b54098cba21d3c3a192863e26

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /prod/images/f1239f7cb9bbbfc719d60b288619d7de.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: image/png
content-length: 113379
last-modified: Fri, 26 Apr 2024 11:41:56 GMT
etag: "662b9304-1bae3"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iSCRfAon74RKU8e0LIGKJCqOvnrKN1%2F8M9%2F8eHIaLQDaHm%2FIPq9l6TMCNT%2BdKsekQHRVecWpDfXQqrSV3HoUIveoOVA9QMjRIQ4uz3sz4jJ4w9ygluFYbKn0yDEyqBdnYRuzJggOug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
accept-ranges: bytes
server: cloudflare
cf-ray: 881c96984fea0b59-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-f7944c84.js

104.21.19.111

200 OK

134 kB

URL GET HTTP/3
flaredownload.com/assets/hl-f7944c84.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
gzip compressed data, from Unix
Size
134 kB (133535 bytes)
Hash
8f67005e19aa6960621c7cbd5d112e2f
80df32ad5e226ee5feb30f80af96ac97edc1bbf4
5630db96eaba97c09a2b1567e445356396e06aca2fa7cc988ce858055f0b182b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-f7944c84.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=2842
access-control-allow-origin: *
etag: W/"663e1dab-b1a"
last-modified: Fri, 10 May 2024 13:14:19 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g9eDlCaAgbDRlKKK8bEm7UzofQamoBg1LAhWkNwH2BFGHgmhPM2Zy5WATjRDYqjAU9ewJTVanb586qwisQG3xnBkneg6X6qgDRl8G%2BJoe93m9MgW8FlJYZCo4uaqDY0siiuKxrliSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
server: cloudflare
cf-ray: 881c9698780b0b59-OSL

flaredownload.com/assets/hl-cf3f4bed.js

104.21.19.111

200 OK

17 kB

URL GET HTTP/3
flaredownload.com/assets/hl-cf3f4bed.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
gzip compressed data, from Unix
Size
17 kB (17274 bytes)
Hash
56c1a32a3f208ca6272f6c8e1358a03c
eb5cd377e90a8bbe9d4a3b54d42428c9dd8e0e22
27ae2a19a248519f8fa2ae20f6f2a6c82ab0e3e0e70267baf6e117283efb0836

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-cf3f4bed.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=617
access-control-allow-origin: *
etag: W/"663e1dab-269"
last-modified: Fri, 10 May 2024 13:14:19 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zn%2BK%2BoaOqlFTid69iHr0WWuFmt1uGcNa9a9C689F5HD%2FHyHmD0es%2FOyptyOWJK2sdXxr7Z9A4NgTyQQRSadLHjGw6unq2trj%2B4ac8RZgIx0NP8gUvJE9ujN79Ht9OdK1p0F6oyn%2Bxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
server: cloudflare
cf-ray: 881c969878110b59-OSL

flaredownload.com/assets/hl-1ae908b8.js

104.21.19.111

200 OK

24 kB

URL GET HTTP/3
flaredownload.com/assets/hl-1ae908b8.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
gzip compressed data, from Unix
Size
24 kB (24494 bytes)
Hash
6dfd7099c9a2b7097adcb4be796030df
9e19bfb7780cbf07931321743dfa0be9668834ce
861d093e0d1cb6d4700d3f065b9308959375c797afc13e1239482704e34cbe03

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-1ae908b8.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1923
access-control-allow-origin: *
etag: W/"663e1dab-783"
last-modified: Fri, 10 May 2024 13:14:19 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2e1K63n7ButpJl%2FcSoepEHLtzHt%2FNblHOKVdwU5FGhQkArEEXhwKr8Z17jxUsNw0tkVYkQ0ET8elXaRF48smsdSSJdLPdfh4XXuxeDPhCldCNxQBhPnL9VcrB6HZeXYGx9BDLodfYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
server: cloudflare
cf-ray: 881c969878130b59-OSL

flaredownload.com/assets/hl-f5b35e57.js

104.21.19.111

200 OK

23 kB

URL GET HTTP/3
flaredownload.com/assets/hl-f5b35e57.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
gzip compressed data, from Unix
Size
23 kB (23375 bytes)
Hash
fb4d48528d8db040dd54968189d852a8
7a12ef83265c454bcdc6515ac925b4797dd2cab2
24f0f13da3d7cccad25f2c79263989bc0089eada567ae16fd6231cf2f9c50e82

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-f5b35e57.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-7899f489.js
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=562
access-control-allow-origin: *
etag: W/"663e1dab-232"
last-modified: Fri, 10 May 2024 13:14:19 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BjmlHBeNS5%2B%2BXD3yu2nsFHK4QVE5nZCmvsZCAOwzDQMLuTXKd3UjgxqMjhsIunX5pkjgmQQ3XgyRHi1GefJc2aFRWvXmTSGTIyv%2B5240lV%2Fd2YcHV9zGwZlt%2Fh80%2Fhskw8mCWNQUNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
server: cloudflare
cf-ray: 881c96977f300b59-OSL

flaredownload.com/assets/hl-477fd99d.js

104.21.19.111

200 OK

18 kB

URL GET HTTP/3
flaredownload.com/assets/hl-477fd99d.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
gzip compressed data, from Unix
Size
18 kB (18029 bytes)
Hash
47a0a7e3b4a4639cafed1bfd207d1fdf
4945e176a8b0fe336735d6c1577843646f77b6b7
9a3a1d0950e4f5a595ad09d3c3fc339d064f4b95b237db528cf511edec742101

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-477fd99d.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-7899f489.js
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1364
access-control-allow-origin: *
etag: W/"663e1dab-554"
last-modified: Fri, 10 May 2024 13:14:19 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NQeKS38662BWB5xEA1InHeoJgG0FXHnwQcMjoRxnHVH0qjY%2B8uvTBG6stfqcI9HLvml4oVeFttE%2F%2B0HpUGAMU75pAGOe97E8mgtSWGmnpyFHZUFjD84oXvMD4km7a7FhUZGducWysg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
server: cloudflare
cf-ray: 881c96977f330b59-OSL

flaredownload.com/prod/images/1f98d63b3bd5b60546b0fe5159d1b7b8.png

104.21.19.111

200 OK

5.4 kB

URL GET HTTP/3
flaredownload.com/prod/images/1f98d63b3bd5b60546b0fe5159d1b7b8.png
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
PNG image data, 646 x 116, 8-bit colormap, non-interlaced
Size
5.4 kB (5415 bytes)
Hash
b169e30ad5cb8b0b613ae6c3006afbe0
b0f804da985ec024b15155f33084ee796d1abc0d
7f474dce0f1f49839379e2c6c1130a4a399ccfc5b173eb89dbbc28c83d75a803

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /prod/images/1f98d63b3bd5b60546b0fe5159d1b7b8.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: image/png
content-length: 5415
last-modified: Fri, 26 Apr 2024 11:41:56 GMT
etag: "662b9304-1527"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rZj%2BIA0UrpDDafJhRFQeF%2BSjBvGW%2FYl1UWXtdTMxWnvYpvpk3cmNxn3S5dakrz5PdremR7Uz%2FdVCfPzImgkX%2F8XVxQbt73yF01cGvJEeJJQ60rCRuJLU%2BxsapUle6YjRlo6DxRk37g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
accept-ranges: bytes
server: cloudflare
cf-ray: 881c969878190b59-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-8d3ca80f.woff2

104.21.19.111

200 OK

23 kB

URL GET HTTP/3
flaredownload.com/assets/hl-8d3ca80f.woff2
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22992, version 1.0
Size
23 kB (22992 bytes)
Hash
1efbd38aa76ddae2580fedf378276333
8a49976f2470ba2a1db6144245355d3b889312e4
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-8d3ca80f.woff2 HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-04d68de7.css
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/octet-stream
content-length: 22992
last-modified: Fri, 10 May 2024 13:14:19 GMT
etag: "663e1dab-59d0"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZhYfBPLBwYedlWXiQ0FdZPBDpI5ccGqYyGIkBIdbeMT6hwmw5HDl9j46wr5vJuISLsdgVCF%2FLKPnRyrkoxzmxGa9WKqlEY1nPnSfGdhBqAxVFdtw%2BMeXKFEf1FOsyHNTIY3Sq5JA%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
accept-ranges: bytes
server: cloudflare
cf-ray: 881c9698f87e0b59-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-f93eab01.js

104.21.19.111

200 OK

5.1 kB

URL GET HTTP/3
flaredownload.com/assets/hl-f93eab01.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (5349), with no line terminators
Size
5.1 kB (5057 bytes)
Hash
f17f382b29a6610b8e82222383751bcd
11f196f6c512d368f5ebed5a795f3bcca017a757
028f8085e2b4738395bc0410e3dfdeb72aa681e8f7c15ed76a040b16b78965c7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-f93eab01.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-a61a69c3.js
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5058
access-control-allow-origin: *
etag: W/"663e1dab-13c2"
last-modified: Fri, 10 May 2024 13:14:19 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2K6H99%2FJ9qXGKHCbz9qzYyxKPLOHLeRRchUuWvym7b4Aab5v1MxOez%2FOB3w14hgcrY20YCcQvnKF8zQViQPrQhI61eeuVL%2BenDpxlXWECUCYY0fiaDJf28542TUYq2ST%2BNh8KRXgmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
server: cloudflare
cf-ray: 881c96949c1e0b59-OSL

flaredownload.com/assets/hl-04d68de7.css

104.21.19.111

200 OK

114 kB

URL GET HTTP/3
flaredownload.com/assets/hl-04d68de7.css
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (65329)
Size
114 kB (114023 bytes)
Hash
038b389697202a86001d7cb8b113803c
c031ffb6795766b1babac743602c2d386b4e8d03
232cf36617bb2fd98321cbcd5fd0eb0cfbcf9b69c85a4d6e7d5134fc549436ea

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-04d68de7.css HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=114555
access-control-allow-origin: *
etag: W/"663e1dab-1bf7b"
last-modified: Fri, 10 May 2024 13:14:19 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m1JvYZPncLYQ6sIiSz6bD51EYK7mPaZ1XA0Aln%2B24%2FDaanRy19ploOsUjX8JBUlTBKlPs4cslEAy%2BqvZsYiHE8cIEooLCjDC5xDaAl0W%2FFnDHYQcbHUWpLhOpYMHrvIYFdTemyvQ0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
server: cloudflare
cf-ray: 881c96959d2b0b59-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-3e162dba.js

104.21.19.111

200 OK

779 B

URL GET HTTP/3
flaredownload.com/assets/hl-3e162dba.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (821), with no line terminators
Size
779 B (779 bytes)
Hash
a415038413732ca8bafa840d844b16c2
3c82a81c4665f1031324203c2a671db6fe676d17
4f740eec88a396a619211cfb88522cbfa71e73b77c1f3527b8d1843401a64531

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-3e162dba.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-d7413dd4.js
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=780
access-control-allow-origin: *
etag: W/"663e1dab-30c"
last-modified: Fri, 10 May 2024 13:14:19 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2u2R%2BpfW9jq6vrHVe%2BgENsonEBJihQv7gukpTjCPPuYnGU7k%2B5py%2BTE5P223syGtXDVp6Aj6WrbsjQkP4uhrfVDjjPo%2FyW%2FKsR09w7w9Yf3tD9SLY%2BDYlIx1i637Mbbb%2F3YY9gZYSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
server: cloudflare
cf-ray: 881c969898370b59-OSL

flaredownload.com/assets/hl-70789bd7.woff2

104.21.19.111

200 OK

17 kB

URL GET HTTP/3
flaredownload.com/assets/hl-70789bd7.woff2
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
Web Open Font Format (Version 2), TrueType, length 17372, version 1.0
Size
17 kB (17372 bytes)
Hash
c02fb7419b8629666bf2ccc0a5177e3d
b70b21a3e6e55fbcbae137a3cbb4e05371c2bab6
70789bd70be9b6d68acd51063e499d6fe5e7fe53a654dab4fb00a8cf5bfe3637

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-70789bd7.woff2 HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-04d68de7.css
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/octet-stream
content-length: 17372
last-modified: Fri, 10 May 2024 13:14:19 GMT
etag: "663e1dab-43dc"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YnjsAQlPKI5d9gsolAg7q74j%2FQQCCldjoTcerxacFkjo0Dwe4o8yR9Q0NEkpe%2B2eefxnfcXAK7CoomU%2BncLzgv%2BHFatGvsLfkHSJDRb1pepDwlVZSJ67zwsZAGObKtVl5YMX7giZDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
accept-ranges: bytes
server: cloudflare
cf-ray: 881c969908820b59-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-28a0afe6.png

104.21.19.111

200 OK

132 kB

URL GET HTTP/3
flaredownload.com/assets/hl-28a0afe6.png
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
PNG image data, 490 x 310, 8-bit/color RGBA, non-interlaced
Size
132 kB (132079 bytes)
Hash
663a088b73ce519c38adbad79e82d659
39ef28b09af2fdcf7f683c58efc18a43bd9e121f
28a0afe680833c1a10601e37f8a86a59b13f0e10aa03b9f5a5c53848639f77ac

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-28a0afe6.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-04d68de7.css
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: image/png
content-length: 132079
last-modified: Fri, 10 May 2024 13:14:19 GMT
etag: "663e1dab-203ef"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dhj5WgVU8LGjMi0gUNa0hkDml6nSvOk67qJUFzqWU5NUCBchw5Ir%2FZcNfwNP%2BpjWlOw17J%2B8IhZDXlHiMlPdbECGHSWzaoaO9ss8E5HsqlEo4IymHZo579ggtZPR1LHNDZcKdvN6Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
accept-ranges: bytes
server: cloudflare
cf-ray: 881c9698c8560b59-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/visit/get-data?landingId=7867&subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=

104.21.19.111

200 OK

14 kB

URL GET HTTP/3
flaredownload.com/visit/get-data?landingId=7867&subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type

Size
14 kB (14400 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /visit/get-data?landingId=7867&subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource= HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
sentry-trace: e2982b4975924b35a56ed6639b3f0dd0-a32053eb18a6706d-0
baggage: sentry-environment=production,sentry-public_key=9056b383582c444792eb65c1726488d9,sentry-trace_id=e2982b4975924b35a56ed6639b3f0dd0,sentry-sample_rate=0.1,sentry-sampled=false
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/json; charset=UTF-8
set-cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; path=/; HttpOnly; SameSite=Lax
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tpwd9amd%2FC8VGN%2BwQdrZm2wXiDRhBiG9xbrL2QdBEepquVmHe9FRaohrkpJlKgJ2XvzJMCYEUtxg43OfdSw9PFynzDRMNBGrw9nv32Y0U71z1%2BHk6JIGgql%2F%2Fv0biCDj9eArmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881c96932b0a0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/favicon.ico

104.21.19.111

200 OK

4.3 kB

URL GET HTTP/3
flaredownload.com/favicon.ico
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Size
4.3 kB (4286 bytes)
Hash
1ba2ae710d927f13d483fd5d1e548c9b
c0605efed936ee2600284e6480521d06fa64f872
db74ab0b78338c1f778f8398c45f4103c99aea0e845a3118a7750b4eeafd3445

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: image/x-icon
last-modified: Wed, 13 Sep 2023 08:04:59 GMT
etag: W/"65016d2b-10be"
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 6
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C8Tr3o1hFEC%2BDnvVGVpiUs3yI1w6Sv1BTTFr9FmoRodBdY2DZpfMzYiyv6mEMe6Yv1UcIMLyTfEtqD%2FItj4xKwIDxMbr4%2FfrKT0j0qDf%2FefwlZZ5GyaxSAzZ2wbuRv5seT25bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c9693db8f0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-bc49037c.js

104.21.19.111

200 OK

3.2 kB

URL GET HTTP/3
flaredownload.com/assets/hl-bc49037c.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JavaScript source, ASCII text, with very long lines (3248), with no line terminators
Size
3.2 kB (3167 bytes)
Hash
ae45e99f6d3f3485dae29774ae9fd5a3
fb6fb29dfac908d6859ab7a0c34d21c146746364
e37590b75dc94dac45bfec86ba9c1eabd5dbe48b97865517003158a10fc91704

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-bc49037c.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-a61a69c3.js
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/javascript
last-modified: Fri, 10 May 2024 13:14:19 GMT
etag: W/"663e1dab-c5f"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=02Yr3yB%2FsfN6D75fk2Ghjp5lBYt2oKE0WAoToCReMzzrDCTdj%2BSatR82J4IkeWYPdLXSISNzkGqLyAUlVy2z8ilaVFDdu8muTk4uaeINkQxolAso4W5QUU%2FupvS0bzxQcE7WAfLorw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
server: cloudflare
cf-ray: 881c96948c0b0b59-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/prod/images/fab0ca77292b4d30dbf253d27c664fb3.jpg

104.21.19.111

200 OK

607 kB

URL GET HTTP/3
flaredownload.com/prod/images/fab0ca77292b4d30dbf253d27c664fb3.jpg
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1258, components 3
Size
607 kB (606551 bytes)
Hash
2296953043efaeb814b4ac9aa91b1edd
9947df98a24084f16562735b335d14d574f84d82
25d11bd085d802574f8fc54f57abea5572f97b91b0d0c89429736e7d5ba6567c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /prod/images/fab0ca77292b4d30dbf253d27c664fb3.jpg HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: image/jpeg
content-length: 606551
cf-bgj: h2pri
access-control-allow-origin: *
etag: "662b9304-94157"
last-modified: Fri, 26 Apr 2024 11:41:56 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FoLlIWg8aPmmh8rrxYvZZvjeFkvPq%2FgDxPA6xTnTDilLuSHKiwNulLxaw0TrfQUlYkFsZa4%2FV5z4eDjPt4XB7L0b7npoCzz3YLFBv9EdhoZUczQtXdxu1wnDtxNJrN9YnoLq5TrHcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
accept-ranges: bytes
server: cloudflare
cf-ray: 881c9698c84e0b59-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=

104.21.19.111

200 OK

417 B

URL User Request GET HTTP/2
flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
HTML document, ASCII text, with very long lines (456), with no line terminators
Size
417 B (417 bytes)
Hash
f4b1b13cfac0ef257175a471507f9568
670e119712eabb3d72b52f8ca4d5c07598488cd5
79d0bafc8ab07f259876416bbbb4b386ce4934c871cf764790031e4c3cf180df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource= HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 20:13:08 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T1pZy0ehaY7yC%2FZVdnwhjNnuCktYP9%2F0BKfzbslmC%2Fx3Cjb2G%2BPXqVqxuafDMnBzp1W9GgYLyXwSSwA4aFTPYuL0%2FQXR%2F6kgg6kwfQuaJn8kZbfvbVFmr54cUTJOayZhEAKqZw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881c968fbf8856b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

flaredownload.com/assets/hl-06c5bc34.js

104.21.19.111

200 OK

418 B

URL GET HTTP/3
flaredownload.com/assets/hl-06c5bc34.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (440), with no line terminators
Size
418 B (418 bytes)
Hash
f337bbc143b59ab9ade9e12ee268a4c6
41e5f6efb8b4120e0f3cea55996b91cc989a973f
c1a982f0f0250be07ac8c2baf85042557bb2a9a026bd6c3856319ae40abfcf31

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-06c5bc34.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=419
access-control-allow-origin: *
etag: W/"663e1dab-1a3"
last-modified: Fri, 10 May 2024 13:14:19 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=APcuaSduoKTA2n8nJxTfuYlxBaGt0GAXfY4ie1AYG6qRkz3UmafRCDA%2B4P5oa%2FTw6YZADFFcky3aeB%2FX7ckdN%2Bs1sbOIL9t6AzkVQ8VbSTpFWZ5PVguC5yQHU%2FyP2CaKjzuqN9EJEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
server: cloudflare
cf-ray: 881c96949c180b59-OSL

flaredownload.com/assets/hl-7899f489.js

104.21.19.111

200 OK

7.1 kB

URL GET HTTP/3
flaredownload.com/assets/hl-7899f489.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (7803), with no line terminators
Size
7.1 kB (7113 bytes)
Hash
a7f21f940847a7851be6ea8dfcd1798f
3c8337b90d2705482190060e4753ba47e542b101
654d4cfb510abbc4fd095349a78188acf1e0f002f05206058df65f8befabb5f1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-7899f489.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-49fdde2e.js
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=7114
access-control-allow-origin: *
etag: W/"663e1dab-1bca"
last-modified: Fri, 10 May 2024 13:14:19 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L5oy%2FYX603VH%2Fm1YYd3Fa%2BOGMr1npdlQebYluemFdnw2lbk8eJz0foP4vjlgLqI6yfQiVeVdbarfNkLCa9PyV6WoznKpQoylq8KIPud6N8FPp0EE1XNEaFbGepZgSeo7R5%2Fx28vQ2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
server: cloudflare
cf-ray: 881c96973ef60b59-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-496efccd.js

104.21.19.111

200 OK

915 B

URL GET HTTP/3
flaredownload.com/assets/hl-496efccd.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (943), with no line terminators
Size
915 B (915 bytes)
Hash
201d2c9e10aef47f2c60adb088eddbca
3b51d623b713e3073e64554691514acb1b26b3d4
f0400932289b6c0f0bd6463f83ee79758ddf69bde7076580a3e4a7be8dc9df5d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-496efccd.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-7899f489.js
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=916
access-control-allow-origin: *
etag: W/"663e1dab-394"
last-modified: Fri, 10 May 2024 13:14:19 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g6RxvtTKLGp0j5bZi%2FZdC0BTkMtVu%2Bq%2B2ZDqVlvWN9HqcnDYQZNXPgoeSXnV%2FK6LVq8cQ0WmFPiPIwiV1sw0m2NANs%2F2PwezlWGb4F%2FSMVLcMaTm9epP807t9E6h6McY%2BKnFFKVI5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
server: cloudflare
cf-ray: 881c96977f2e0b59-OSL

flaredownload.com/prod/images/58294b522e31bd664bc6d1dd76cec438.png

104.21.19.111

200 OK

4.8 kB

URL GET HTTP/3
flaredownload.com/prod/images/58294b522e31bd664bc6d1dd76cec438.png
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
PNG image data, 190 x 108, 8-bit/color RGBA, non-interlaced
Size
4.8 kB (4792 bytes)
Hash
12e2bcc7cae9c2211a695df886e28e9b
0e31a94632d7efa8ca00b3d84b90f3e61fcc7322
cdebbfd2ef3531023cb60b657445e188a0e76824338edc4ada292ac7ab1e164f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /prod/images/58294b522e31bd664bc6d1dd76cec438.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: image/png
content-length: 4792
last-modified: Fri, 26 Apr 2024 11:41:56 GMT
etag: "662b9304-12b8"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5BsXSQaqY7Vblj8A2d0QKC22fFKzkjRqsai%2F%2BG6EzA31uLW%2BWK8VZaKuc17U6FiUXbLvyXUa6Pbu%2Bcsn%2FAgvlD8zrfDCQUEZq5jzJCfA2KKkDX9nTAxfZmkSnwgn%2F4l01vCp03TGzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
accept-ranges: bytes
server: cloudflare
cf-ray: 881c9698781a0b59-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-f93eab01.js

104.21.19.111

200 OK

5.1 kB

URL GET HTTP/3
flaredownload.com/assets/hl-f93eab01.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (5349), with no line terminators
Size
5.1 kB (5057 bytes)
Hash
f17f382b29a6610b8e82222383751bcd
11f196f6c512d368f5ebed5a795f3bcca017a757
028f8085e2b4738395bc0410e3dfdeb72aa681e8f7c15ed76a040b16b78965c7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-f93eab01.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5058
access-control-allow-origin: *
etag: W/"663e1dab-13c2"
last-modified: Fri, 10 May 2024 13:14:19 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2K6H99%2FJ9qXGKHCbz9qzYyxKPLOHLeRRchUuWvym7b4Aab5v1MxOez%2FOB3w14hgcrY20YCcQvnKF8zQViQPrQhI61eeuVL%2BenDpxlXWECUCYY0fiaDJf28542TUYq2ST%2BNh8KRXgmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
server: cloudflare
cf-ray: 881c96948c130b59-OSL

flaredownload.com/prod/images/1f98d63b3bd5b60546b0fe5159d1b7b8.png

104.21.19.111

200 OK

5.4 kB

URL GET HTTP/3
flaredownload.com/prod/images/1f98d63b3bd5b60546b0fe5159d1b7b8.png
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
PNG image data, 646 x 116, 8-bit colormap, non-interlaced
Size
5.4 kB (5415 bytes)
Hash
b169e30ad5cb8b0b613ae6c3006afbe0
b0f804da985ec024b15155f33084ee796d1abc0d
7f474dce0f1f49839379e2c6c1130a4a399ccfc5b173eb89dbbc28c83d75a803

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /prod/images/1f98d63b3bd5b60546b0fe5159d1b7b8.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: image/png
content-length: 5415
last-modified: Fri, 26 Apr 2024 11:41:56 GMT
etag: "662b9304-1527"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rZj%2BIA0UrpDDafJhRFQeF%2BSjBvGW%2FYl1UWXtdTMxWnvYpvpk3cmNxn3S5dakrz5PdremR7Uz%2FdVCfPzImgkX%2F8XVxQbt73yF01cGvJEeJJQ60rCRuJLU%2BxsapUle6YjRlo6DxRk37g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
accept-ranges: bytes
server: cloudflare
cf-ray: 881c96980fbb0b59-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-3e162dba.js

104.21.19.111

200 OK

779 B

URL GET HTTP/3
flaredownload.com/assets/hl-3e162dba.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (821), with no line terminators
Size
779 B (779 bytes)
Hash
a415038413732ca8bafa840d844b16c2
3c82a81c4665f1031324203c2a671db6fe676d17
4f740eec88a396a619211cfb88522cbfa71e73b77c1f3527b8d1843401a64531

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-3e162dba.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=780
access-control-allow-origin: *
etag: W/"663e1dab-30c"
last-modified: Fri, 10 May 2024 13:14:19 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2u2R%2BpfW9jq6vrHVe%2BgENsonEBJihQv7gukpTjCPPuYnGU7k%2B5py%2BTE5P223syGtXDVp6Aj6WrbsjQkP4uhrfVDjjPo%2FyW%2FKsR09w7w9Yf3tD9SLY%2BDYlIx1i637Mbbb%2F3YY9gZYSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
server: cloudflare
cf-ray: 881c969878100b59-OSL

flaredownload.com/assets/hl-edb2da2a.js

104.21.19.111

200 OK

1.4 kB

URL GET HTTP/3
flaredownload.com/assets/hl-edb2da2a.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JavaScript source, ASCII text, with very long lines (1438), with no line terminators
Size
1.4 kB (1410 bytes)
Hash
862c9cf6fcd7b7f9a63460432c1c4cd4
fd37338a883a89512e82afbc9c5e226b871d4fed
cd09ea827717eb9bf6f24164c61f1c8c8fbf4c41d80b4c9bdf48cefede2e3290

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-edb2da2a.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1413
access-control-allow-origin: *
etag: W/"663e1dab-585"
last-modified: Fri, 10 May 2024 13:14:19 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OtBj%2BBObUNBy5G9z80yhrQZ4qvbmn0orXKHPaJfIDPCvmXoonV0BDx6mGl7dYpSnB4BPlbOhBHbk4TCV4wNYQmwPz6JwQBbl%2BBG0Wge2hFs2KQYTmjdDiPDvrfCnH4iXT%2FQ30ByOCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
server: cloudflare
cf-ray: 881c96949c1a0b59-OSL

flaredownload.com/assets/hl-06c5bc34.js

104.21.19.111

200 OK

418 B

URL GET HTTP/3
flaredownload.com/assets/hl-06c5bc34.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (440), with no line terminators
Size
418 B (418 bytes)
Hash
f337bbc143b59ab9ade9e12ee268a4c6
41e5f6efb8b4120e0f3cea55996b91cc989a973f
c1a982f0f0250be07ac8c2baf85042557bb2a9a026bd6c3856319ae40abfcf31

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-06c5bc34.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-f93eab01.js
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=419
access-control-allow-origin: *
etag: W/"663e1dab-1a3"
last-modified: Fri, 10 May 2024 13:14:19 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=APcuaSduoKTA2n8nJxTfuYlxBaGt0GAXfY4ie1AYG6qRkz3UmafRCDA%2B4P5oa%2FTw6YZADFFcky3aeB%2FX7ckdN%2Bs1sbOIL9t6AzkVQ8VbSTpFWZ5PVguC5yQHU%2FyP2CaKjzuqN9EJEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
server: cloudflare
cf-ray: 881c9694cc420b59-OSL

flaredownload.com/assets/hl-7899f489.js

104.21.19.111

200 OK

7.1 kB

URL GET HTTP/3
flaredownload.com/assets/hl-7899f489.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (7803), with no line terminators
Size
7.1 kB (7113 bytes)
Hash
a7f21f940847a7851be6ea8dfcd1798f
3c8337b90d2705482190060e4753ba47e542b101
654d4cfb510abbc4fd095349a78188acf1e0f002f05206058df65f8befabb5f1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-7899f489.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=7114
access-control-allow-origin: *
etag: W/"663e1dab-1bca"
last-modified: Fri, 10 May 2024 13:14:19 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L5oy%2FYX603VH%2Fm1YYd3Fa%2BOGMr1npdlQebYluemFdnw2lbk8eJz0foP4vjlgLqI6yfQiVeVdbarfNkLCa9PyV6WoznKpQoylq8KIPud6N8FPp0EE1XNEaFbGepZgSeo7R5%2Fx28vQ2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
server: cloudflare
cf-ray: 881c96959d2f0b59-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-496efccd.js

104.21.19.111

200 OK

915 B

URL GET HTTP/3
flaredownload.com/assets/hl-496efccd.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (943), with no line terminators
Size
915 B (915 bytes)
Hash
201d2c9e10aef47f2c60adb088eddbca
3b51d623b713e3073e64554691514acb1b26b3d4
f0400932289b6c0f0bd6463f83ee79758ddf69bde7076580a3e4a7be8dc9df5d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-496efccd.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=916
access-control-allow-origin: *
etag: W/"663e1dab-394"
last-modified: Fri, 10 May 2024 13:14:19 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g6RxvtTKLGp0j5bZi%2FZdC0BTkMtVu%2Bq%2B2ZDqVlvWN9HqcnDYQZNXPgoeSXnV%2FK6LVq8cQ0WmFPiPIwiV1sw0m2NANs%2F2PwezlWGb4F%2FSMVLcMaTm9epP807t9E6h6McY%2BKnFFKVI5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
server: cloudflare
cf-ray: 881c9695ad490b59-OSL

flaredownload.com/lead/prefill

104.21.19.111

200 OK

64 B

URL POST HTTP/3
flaredownload.com/lead/prefill
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
64 B (64 bytes)
Hash
0a00dc476383c35bcfbc0ea44c3a60ea
36ebdfa0bfa4aa0ec8f4d7417d2112bae7d406db
819bd596583bc3bc638b2fa8d87d80b16551a1d68abb86261795db848cc226d2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /lead/prefill HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
sentry-trace: e2982b4975924b35a56ed6639b3f0dd0-b23da9dfbbf6b507-0
baggage: sentry-environment=production,sentry-public_key=9056b383582c444792eb65c1726488d9,sentry-trace_id=e2982b4975924b35a56ed6639b3f0dd0,sentry-sample_rate=0.1,sentry-transaction=LandingHome,sentry-sampled=false
Content-Length: 56
Origin: https://flaredownload.com
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/json; charset=UTF-8
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xRa86r93R1nCylQ0RTJfot%2FsdRIYjrTZ8D9pXOBUWJpQ2sf9zoZgA%2BFkgsQzgzex2qoMqw9LjT0kf7%2BBHtoRlxGvHgPVRtcRQc07i%2FZJ4Mugc9rHh%2Fbu2%2BEF1i9nyneK4Fdr2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881c969868020b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-3638d339.woff2

104.21.19.111

200 OK

17 kB

URL GET HTTP/3
flaredownload.com/assets/hl-3638d339.woff2
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
Web Open Font Format (Version 2), TrueType, length 16860, version 1.0
Size
17 kB (16860 bytes)
Hash
13049c7a16af3e830b7668f15f8e668a
f9eca560164be1be239e42c43cf8bb07aa7d8f14
3638d33930adfd35323251395221e7b9e1f2a641e6a1ead6e9d18d09588a2cfb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-3638d339.woff2 HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-04d68de7.css
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/octet-stream
content-length: 16860
last-modified: Fri, 10 May 2024 13:14:19 GMT
etag: "663e1dab-41dc"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WtDqN%2F011wrWVLebij2Cn%2Fh00KsBeVXukWJ7muFW6%2FaGzdyvHB9m%2BGqBk7yjt9L1tzbxUIYbeQOlFh0UNO%2B9PTYjXs%2FZLQLmwW9ZvWOorJKi%2FpEYUiLjhHjK8eUzb%2BK6WKJx0oEtsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
accept-ranges: bytes
server: cloudflare
cf-ray: 881c9698c8590b59-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-a61a69c3.js

104.21.19.111

200 OK

268 kB

URL GET HTTP/3
flaredownload.com/assets/hl-a61a69c3.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
268 kB (267721 bytes)
Hash
7098d9d54596a85e29ba4fb43d7adb65
a00378fee4d268b6c0013e6dc628dc190a6ed99f
f3331b5213a71df12356649e86b5f89b7f1e5ff0280fdecfbae3e56271a73c30

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-a61a69c3.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=267744
access-control-allow-origin: *
etag: W/"663e1dab-415e0"
last-modified: Fri, 10 May 2024 13:14:19 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R015q3S16uZXw2uHbyG19V4FyqIYdrqKIZaOKM62xVvDSpsBzDCLsGJ3airo72kY%2F%2BuOIo3KMGC9V%2FgX2Rd300HK8rEVcEJ8mzBNHp7Aj%2F0A59uAV328CUcXi3Kh6gUiWB6u8q2EFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 6
server: cloudflare
cf-ray: 881c96950c7f0b59-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/prod/images/58294b522e31bd664bc6d1dd76cec438.png

104.21.19.111

200 OK

4.8 kB

URL GET HTTP/3
flaredownload.com/prod/images/58294b522e31bd664bc6d1dd76cec438.png
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
PNG image data, 190 x 108, 8-bit/color RGBA, non-interlaced
Size
4.8 kB (4792 bytes)
Hash
12e2bcc7cae9c2211a695df886e28e9b
0e31a94632d7efa8ca00b3d84b90f3e61fcc7322
cdebbfd2ef3531023cb60b657445e188a0e76824338edc4ada292ac7ab1e164f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /prod/images/58294b522e31bd664bc6d1dd76cec438.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: image/png
content-length: 4792
last-modified: Fri, 26 Apr 2024 11:41:56 GMT
etag: "662b9304-12b8"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5BsXSQaqY7Vblj8A2d0QKC22fFKzkjRqsai%2F%2BG6EzA31uLW%2BWK8VZaKuc17U6FiUXbLvyXUa6Pbu%2Bcsn%2FAgvlD8zrfDCQUEZq5jzJCfA2KKkDX9nTAxfZmkSnwgn%2F4l01vCp03TGzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
accept-ranges: bytes
server: cloudflare
cf-ray: 881c96980fbf0b59-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-a61a69c3.js

104.21.19.111

200 OK

268 kB

URL GET HTTP/3
flaredownload.com/assets/hl-a61a69c3.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
268 kB (267721 bytes)
Hash
7098d9d54596a85e29ba4fb43d7adb65
a00378fee4d268b6c0013e6dc628dc190a6ed99f
f3331b5213a71df12356649e86b5f89b7f1e5ff0280fdecfbae3e56271a73c30

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-a61a69c3.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:08 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=267744
access-control-allow-origin: *
etag: W/"663e1dab-415e0"
last-modified: Fri, 10 May 2024 13:14:19 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R015q3S16uZXw2uHbyG19V4FyqIYdrqKIZaOKM62xVvDSpsBzDCLsGJ3airo72kY%2F%2BuOIo3KMGC9V%2FgX2Rd300HK8rEVcEJ8mzBNHp7Aj%2F0A59uAV328CUcXi3Kh6gUiWB6u8q2EFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
server: cloudflare
cf-ray: 881c96925a470b59-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-c3c0d3f4.woff2

104.21.19.111

200 OK

24 kB

URL GET HTTP/3
flaredownload.com/assets/hl-c3c0d3f4.woff2
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23484, version 1.0
Size
24 kB (23484 bytes)
Hash
b4d2c4c39853ee244272c04999b230ba
c82e22dde9716c40ba20e6c7ed03a1b66556de15
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-c3c0d3f4.woff2 HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-04d68de7.css
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/octet-stream
content-length: 23484
last-modified: Fri, 10 May 2024 13:14:19 GMT
etag: "663e1dab-5bbc"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BHwSgtDe84D9pK3FCbSBLhi70%2Fgg03%2BhgdrewIUqfVQvi7nByRvojGaOQQCPk1eicP9XhTGSAnaAbK6HFBiPe8QljALkccSidD%2BIX3i6jGWycmVJMh%2Fcjh0BPomTLBRx0tdp%2BRVDTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
accept-ranges: bytes
server: cloudflare
cf-ray: 881c9698d8610b59-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-edb2da2a.js

104.21.19.111

200 OK

1.4 kB

URL GET HTTP/3
flaredownload.com/assets/hl-edb2da2a.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/streaming-club-1?subid=b408c83a-304c-439b-b94d-b6cff2165c7e&networkid=200347&publisher=154527659609a3189c0518324ac14aea2&isNewTr=1&stream=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JavaScript source, ASCII text, with very long lines (1438), with no line terminators
Size
1.4 kB (1410 bytes)
Hash
862c9cf6fcd7b7f9a63460432c1c4cd4
fd37338a883a89512e82afbc9c5e226b871d4fed
cd09ea827717eb9bf6f24164c61f1c8c8fbf4c41d80b4c9bdf48cefede2e3290

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-edb2da2a.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-f93eab01.js
Cookie: visitInfo::7867=b27252d092076716b9b0366cb7cfd4e2d7cafa3df9ebdf0fd108d3b7f7ecc02aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7867%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%223c5f26b06d45f1cfd9b529070868cd7f%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A33%3A%22154527659609a3189c0518324ac14aea2%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22b408c83a-304c-439b-b94d-b6cff2165c7e%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 20:13:09 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1413
access-control-allow-origin: *
etag: W/"663e1dab-585"
last-modified: Fri, 10 May 2024 13:14:19 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OtBj%2BBObUNBy5G9z80yhrQZ4qvbmn0orXKHPaJfIDPCvmXoonV0BDx6mGl7dYpSnB4BPlbOhBHbk4TCV4wNYQmwPz6JwQBbl%2BBG0Wge2hFs2KQYTmjdDiPDvrfCnH4iXT%2FQ30ByOCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 5
server: cloudflare
cf-ray: 881c9694cc460b59-OSL

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML