Report - flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=

Report Overview

Submitted URL
flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
IP
172.67.186.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-08 04:09:36
Access
public
Website Title
Unlock your favorite content now!
Final URL
flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
84

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
flaredownload.com	unknown	2024-01-18	2024-01-19	2024-04-18	36 kB	886 kB	172.67.186.1
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-07	881 B	166 kB	142.250.74.168
secureanalytic.com	13422	2019-05-02	2015-12-31	2024-05-04	447 B	4.0 kB	104.21.77.48
event.secureanalytic.com	30491	2019-05-02	2021-07-14	2024-05-04	529 B	1.6 kB	104.21.77.48
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-07	446 B	9.4 kB	142.250.74.42

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed
2024-05-08	medium	flaredownload.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (25)

	URL	Size	First Seen	Last Seen
	flaredownload.com/en_us/sandbox%20eval%20code	147 B	2023-04-11	2024-05-19
Pretty URL flaredownload.com/en_us/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-19 20:51:49 Times Seen350810 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-19
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-19 20:51:48 Times Seen350295 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	flaredownload.com/assets/hl-af68a598.js	360 B	2024-05-07	2024-05-08
Pretty URL flaredownload.com/assets/hl-af68a598.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 16:33:29 Last Seen2024-05-08 06:09:37 Times Seen4 Hash 89bbeff1daa0abfe3e0a7441d0d3328a 95f415a997a0348a27d90a9b324515a4e0127202 4ac995e3e83bf5b742f17946d2a2da045974a8f44a97614d7e035f310526ad9d Loading...

	flaredownload.com/assets/hl-5d7a8293.js	4.8 kB	2024-05-07	2024-05-08
Pretty URL flaredownload.com/assets/hl-5d7a8293.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 16:33:29 Last Seen2024-05-08 06:09:37 Times Seen8 Hash d2bc469eed16dc86100f035b1c5f966d 29e00d2e444fb3d19c26bd32942c2d6bc230c971 2dac1f01abbc36e492fad1b852eb6ef3138186d56b93504d6a86d3af15a93345 Loading...

	flaredownload.com/assets/hl-de833af9.js	690 B	2023-11-04	2024-05-19
Pretty URL flaredownload.com/assets/hl-de833af9.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2023-11-04 19:20:12 Last Seen2024-05-19 19:04:07 Times Seen187 Hash 07f4201d4f772dc3825f3399bb217552 e70c0af48037b02ab9ea515952b889f9eb7bcdb1 5103bcdb5637c56d4a70564479cef8e07ec2d3f00620b428cdb36c28c430d906 Loading...

	secureanalytic.com/scripts/push/script/02eyoyxdkz?url=flaredownload.com	8.1 kB	2024-05-02	2024-05-19
Pretty URL secureanalytic.com/scripts/push/script/02eyoyxdkz?url=flaredownload.com IP 104.21.77.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 23:53:13 Last Seen2024-05-19 19:04:07 Times Seen81 Hash f0fab3cc04750bba62119045aad0cca4 c4bac1f34757d7d9553b0f9d23b1d419e908e62e 4590979b3d0fa22e8974e8b9d80124d0f02b6accbb154ff6e9c67b59e9fcf2c6 Loading...

	flaredownload.com/assets/hl-df7628f8.js	2.8 kB	2024-05-07	2024-05-08
Pretty URL flaredownload.com/assets/hl-df7628f8.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 16:33:30 Last Seen2024-05-08 06:09:37 Times Seen5 Hash d7336f715313e5c98829f811c8bad75d 483645778f0cbaf444c0ae6c3745aba261bc4c28 371b971cf0c509d16c73815d387a3e8f8ecce48194f3b2671bc4ca84d226daf8 Loading...

	flaredownload.com/assets/hl-76eb7d98.js	616 B	2024-05-07	2024-05-08
Pretty URL flaredownload.com/assets/hl-76eb7d98.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 16:33:30 Last Seen2024-05-08 06:09:37 Times Seen4 Hash c04e5b36bb60d35ef0895fa466ef613d e1ced0cdfc9aa890739dcb5333b658ba255177d5 eced87f52ba8e2d03a886ff2a6d4fbf87acd7f7892a0317527dfa6df58659f67 Loading...

	flaredownload.com/assets/hl-e625189b.js	3.2 kB	2024-05-07	2024-05-08
Pretty URL flaredownload.com/assets/hl-e625189b.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 16:33:29 Last Seen2024-05-08 06:09:37 Times Seen3 Hash dc6b2da99797e3602c93b0e37a9c1807 f966bdd7a2a8c7e6a55cfe037edd28499c9ce7d9 213aee5abb58ddcef2e08524327c211ea0debfc23f673cfd85b0308bb2ac9483 Loading...

	www.googletagmanager.com/gtag/js?id=G-CK9NSGSVJF&l=dataLayer&cx=c	254 kB	2024-05-08	2024-05-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-CK9NSGSVJF&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 06:09:38 Last Seen2024-05-08 06:09:38 Times Seen2 Hash 8fe760deff0a6c6a58234583a365af2c e1a0f3bf18316561975aac4d09f8d91f279c9421 9e168508b65a3b8fb797273a1625ee62185d480b46496a63c3d52850e9c1cabd Loading...

	flaredownload.com/assets/hl-df71e98f.js	915 B	2024-05-07	2024-05-08
Pretty URL flaredownload.com/assets/hl-df71e98f.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-07 16:33:30 Last Seen2024-05-08 06:09:38 Times Seen6 Hash 60a5eed01c0dddc43d1759559fd28060 1e925a2e069a52ff67cd312e1fe8fa8f4f6d2fef ac592a8b360e2139a861144c2c666bf0af96809e06e392171549d3ad9c0f3e06 Loading...

	flaredownload.com/assets/hl-4ae220c2.js	779 B	2024-05-07	2024-05-08
Pretty URL flaredownload.com/assets/hl-4ae220c2.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 16:33:30 Last Seen2024-05-08 06:09:38 Times Seen6 Hash 425b8e07905530ece899be3e471f8de4 050b8cd6c8dded4cb5860882d4b69254563e501b c3cb2ecc41b20ffc0de2ee68d324287446c486d8b6dcbcddeefb6efad65d12bd Loading...

	flaredownload.com/assets/hl-449fd3ca.js	418 B	2024-05-07	2024-05-08
Pretty URL flaredownload.com/assets/hl-449fd3ca.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-07 16:33:30 Last Seen2024-05-08 06:09:38 Times Seen7 Hash a681492b373cf4f95d2121a01c44dfeb ede05f02d805cf75b35f7392d799722031dfa0c8 041691ae588a49650498b9ed5de6641bb9d5f41834c0f3f638c25c40d59796a8 Loading...

	unknown	162 B	2024-04-06	2024-05-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-06 17:32:25 Last Seen2024-05-19 11:40:14 Times Seen27 Hash e193bf714b31c897879cd92880a395e0 723115770c90558282dee4dbcfde3175c2a30a1f e0ab77eab014566a6194727273a32d9d4586baf3ab126564e0d30ed4a8c53db3 Loading...

	flaredownload.com/assets/hl-d3953248.js	1.3 kB	2024-05-07	2024-05-08
Pretty URL flaredownload.com/assets/hl-d3953248.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 16:33:30 Last Seen2024-05-08 06:09:38 Times Seen3 Hash 5edcd328f07ce30b59542428182da055 4c721bb289a90788eb737852e00597d97d750468 01095b65406e1f2f0ab85dd19a8d99c5edd9a02e23fa3d76bafe2c8f94a3636a Loading...

	flaredownload.com/assets/hl-8ecdb346.js	6.3 kB	2024-05-07	2024-05-08
Pretty URL flaredownload.com/assets/hl-8ecdb346.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-07 16:33:30 Last Seen2024-05-08 06:09:38 Times Seen4 Hash a0891e0d0ae5d3784fcc2855237e2e59 fbc7368dbe6657799b9e1ff17393ab13acaeaf98 f9347681a1baa2a457fae6aa36a38305aec428c487504e5a7c2cfb1953488d1f Loading...

	flaredownload.com/assets/hl-346b376b.js	1.9 kB	2024-05-07	2024-05-08
Pretty URL flaredownload.com/assets/hl-346b376b.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-07 16:33:30 Last Seen2024-05-08 06:09:38 Times Seen4 Hash cd56ae20871b8538f7e7853ca23327d5 0cae750a51f95719db7b6e35b89e92c4f1ccb62f efd8cf49b9d3728a6b01efd2ccf83055e5dcad927b3ed9800266e490b2086c06 Loading...

	flaredownload.com/assets/hl-35a77ba0.js	72 kB	2024-04-18	2024-05-19
Pretty URL flaredownload.com/assets/hl-35a77ba0.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-18 12:16:42 Last Seen2024-05-19 19:04:07 Times Seen187 Hash f87da472e47dc575b6cb8dc377d18916 bff262654ae71f3be0a658cfbe5a53c787c05d55 5c38207c92f3650eaef6616521c8b1e0a03ceb384030f1c2b67cb75e25925ca8 Loading...

	flaredownload.com/assets/hl-1d9299f0.js	1.3 kB	2024-05-07	2024-05-08
Pretty URL flaredownload.com/assets/hl-1d9299f0.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 16:33:29 Last Seen2024-05-08 06:09:38 Times Seen8 Hash d30d63e213b7d35b73f36beaef1cf4bb 0ecfd946d636dc44f170642cf18d1492eb7d09d9 af59a1cb10bd70b6c0eb7eb16d7fdf201ffcd46e80d56e1e8415daf4ac401950 Loading...

	www.googletagmanager.com/gtag/js?id=UA-195162716-6	208 kB	2024-05-08	2024-05-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-195162716-6 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 06:09:38 Last Seen2024-05-08 06:09:38 Times Seen2 Hash 8f84f1fe3493aa1dd700aa05d233c5cb 33a49e44dcc3bf1ba7435e72f30168f6415f95af 7640df73f8b070273fba6cc6b69d284529a4683cf7937f6c52c4f80958619ab9 Loading...

	flaredownload.com/assets/hl-9c710746.js	1.9 kB	2024-05-07	2024-05-08
Pretty URL flaredownload.com/assets/hl-9c710746.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-07 16:33:30 Last Seen2024-05-08 06:09:38 Times Seen3 Hash 3bafdf2e59482def68f1f921eed58026 7f9b906a31bf8d9b6d0ff3f63d5a95c54e3b7d0f 62de958df7bb7fdd81edfc79c5bc0ac6f2039f216d20b34f55aaed379c203fdb Loading...

	flaredownload.com/assets/hl-4f13edc9.js	426 B	2024-05-07	2024-05-08
Pretty URL flaredownload.com/assets/hl-4f13edc9.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-07 16:33:30 Last Seen2024-05-08 06:09:38 Times Seen2 Hash 4a4c0099cffe08b392afadd016894da5 2c7405f99a8e920265b67541e6f183b0581b9a25 3a49a5b2360fe0fff92d7a9aa54977e5fd409e454738492aa62cd4231c20b449 Loading...

	flaredownload.com/assets/hl-edb2da2a.js	1.4 kB	2024-04-18	2024-05-19
Pretty URL flaredownload.com/assets/hl-edb2da2a.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-18 12:16:43 Last Seen2024-05-19 19:04:07 Times Seen174 Hash 0fb9d8a5fba7f6a569da52896f965ea3 6e57202028341c2674083acf9e428817c6725c6c 30137b4b0317a40d0c195fff2b2cd054bb39adf2fb94d357f269cb36e3c11581 Loading...

	flaredownload.com/assets/hl-016c1a2d.js	266 kB	2024-05-07	2024-05-08
Pretty URL flaredownload.com/assets/hl-016c1a2d.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 16:33:29 Last Seen2024-05-08 06:09:38 Times Seen9 Hash 6f9b2057062a1662be08363e30596a68 f82cded4ee9eecfbc1712e636c6fe4fadc8ec0d1 c00ad680dd0968e24075c04746e1a39be2a69cd9c3a374bae7587fd4d0454d54 Loading...

	flaredownload.com/assets/hl-b598c105.js	561 B	2024-05-07	2024-05-08
Pretty URL flaredownload.com/assets/hl-b598c105.js IP 172.67.186.1 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-05-07 16:33:30 Last Seen2024-05-08 06:09:38 Times Seen6 Hash 572a8d2fc6e9403a186c47bc4299d87a 8885cc21801bcca938fb2ed9fea47fca6c27a56a aafbc4631c3ac6344630f7a8b26797f44c3619ec734d9081f5d6c3232d13c834 Loading...

HTTP Transactions (47)

URL IP Response Size

flaredownload.com/assets/hl-d98910d4.css

172.67.186.1

200 OK

17 kB

URL GET HTTP/3
flaredownload.com/assets/hl-d98910d4.css
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (65329)
Size
17 kB (16570 bytes)
Hash
a1713c7a8fb53e78bbd5a1c76068791d
c15ca4f1e62bde996f9c72fb4a3e3f584b966741
cd7e4b31039bf939306ab3d38291f59e92069a24744e4b359b557aba0eb5b219

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-d98910d4.css HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Cookie: visitInfo::7748=c54c8c603c13a4a0b0489ebd3bac66976c3c52cc19eeb0d5f77193abf29b702aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2296e09706e65d58e7ab1601d8244c79f6%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22a2223cca-51ef-40d9-b2ea-94fad761cd29%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:11 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=77791
access-control-allow-origin: *
etag: W/"6639e6e2-12fdf"
last-modified: Tue, 07 May 2024 08:31:30 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RBl2qGLnweKxzzWH2%2F%2BajZG2LAQIvdM9fsjiFRfMNEALKpj6NXkXh6rxX45wZ8vRw5cyv5RaN4UFosYxWg3hBFVCP8ejNzkMu4c%2BAa0VCB9uYARIaDI1z%2FA5O2yGf0w5ocNmHeKAsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 880697c6dc27b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=UA-195162716-6

142.250.74.168

200 OK

75 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-195162716-6
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
75 kB (74749 bytes)
Hash
8f84f1fe3493aa1dd700aa05d233c5cb
33a49e44dcc3bf1ba7435e72f30168f6415f95af
7640df73f8b070273fba6cc6b69d284529a4683cf7937f6c52c4f80958619ab9

HTTP Headers

GET /gtag/js?id=UA-195162716-6 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 04:09:11 GMT
expires: Wed, 08 May 2024 04:09:11 GMT
cache-control: private, max-age=900
last-modified: Wed, 08 May 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74749
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

flaredownload.com/assets/hl-d3953248.js

172.67.186.1

200 OK

885 B

URL GET HTTP/3
flaredownload.com/assets/hl-d3953248.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (1263), with no line terminators
Size
885 B (885 bytes)
Hash
5edcd328f07ce30b59542428182da055
4c721bb289a90788eb737852e00597d97d750468
01095b65406e1f2f0ab85dd19a8d99c5edd9a02e23fa3d76bafe2c8f94a3636a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-d3953248.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1264
access-control-allow-origin: *
etag: W/"6639e6e3-4f0"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=itQZ29yW7vzOT90LW0Vd%2FAsRH181uA0t4BS2U%2BEYpusU73iu0lQoaDzMSEaMJm6to9oLSdojqye7q7nVE42nOSOV3rCXVXPr3azsIUEMQF305fjNiKH4YGT33kRClY%2BmvVryqaPgWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 880697c6ec29b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=G-CK9NSGSVJF&l=dataLayer&cx=c

142.250.74.168

200 OK

90 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-CK9NSGSVJF&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
90 kB (89898 bytes)
Hash
8fe760deff0a6c6a58234583a365af2c
e1a0f3bf18316561975aac4d09f8d91f279c9421
9e168508b65a3b8fb797273a1625ee62185d480b46496a63c3d52850e9c1cabd

HTTP Headers

GET /gtag/js?id=G-CK9NSGSVJF&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 04:09:11 GMT
expires: Wed, 08 May 2024 04:09:11 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89898
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

flaredownload.com/prod/images/f4a32eb2e5f203dab4882f7b7581b06e.png

172.67.186.1

200 OK

9.2 kB

URL GET HTTP/3
flaredownload.com/prod/images/f4a32eb2e5f203dab4882f7b7581b06e.png
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
9.2 kB (9232 bytes)
Hash
f4a32eb2e5f203dab4882f7b7581b06e
8d51933205a3ed27c2c6bd0182142d6f8432d929
83ec91fc25549922aa0f873a3dc6a3e71f83d8b8cd75fb018475762be29a894e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /prod/images/f4a32eb2e5f203dab4882f7b7581b06e.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Cookie: visitInfo::7748=c54c8c603c13a4a0b0489ebd3bac66976c3c52cc19eeb0d5f77193abf29b702aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2296e09706e65d58e7ab1601d8244c79f6%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22a2223cca-51ef-40d9-b2ea-94fad761cd29%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:11 GMT
content-type: image/png
content-length: 9232
last-modified: Tue, 03 Aug 2021 15:21:51 GMT
etag: "61095f0f-2410"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nkj8Yhzkz80mEqdX7JqkqkHtkIYRw%2F0JtoU106KLZttVyxnHwzIImp07LjV2WrQBzo%2FRQ1ei22AFHo5%2FvuM3gb4FCglWYPUFIjyayFOxkSeBeKyFm8Fj3nK%2B7mMwKDWlmbX03MtuUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 880697c95d3db4fa-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/prod/images/18e8c55ad549933e62ee40b8c7adbdd0.png

172.67.186.1

200 OK

3.2 kB

URL GET HTTP/3
flaredownload.com/prod/images/18e8c55ad549933e62ee40b8c7adbdd0.png
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
PNG image data, 100 x 100, 8-bit colormap, non-interlaced
Size
3.2 kB (3235 bytes)
Hash
18e8c55ad549933e62ee40b8c7adbdd0
f7bc824a4c70a4babc07b21fcbd413885128e92e
69bec757694a537e73efba217eaca74df87935a063fe5c6a25f22c7e196f6520

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /prod/images/18e8c55ad549933e62ee40b8c7adbdd0.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Cookie: visitInfo::7748=c54c8c603c13a4a0b0489ebd3bac66976c3c52cc19eeb0d5f77193abf29b702aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2296e09706e65d58e7ab1601d8244c79f6%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22a2223cca-51ef-40d9-b2ea-94fad761cd29%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715141351.1.0.1715141351.0.0.0; _ga=GA1.1.465517940.1715141352
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:12 GMT
content-type: image/png
content-length: 3235
last-modified: Mon, 24 Apr 2023 09:10:42 GMT
etag: "64464792-ca3"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FtW6i1x0eJ6HoreNg7BTITNxk4QdaJFVOgdNKHSWjCrSswvyrssE4H2S4LWrnxOcT0YMNZHDU6MkgUvrdh%2BlpJYW7U2Gp75nqJ9msZ8gZkLoa12Kbeb5LQfBP9mWKmIiWR9xJJa9HA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
accept-ranges: bytes
server: cloudflare
cf-ray: 880697ca4ddab4fa-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/prod/images/2f40fa92fce11c340f70807da03ac0b2.png

172.67.186.1

971 B

URL GET
flaredownload.com/prod/images/2f40fa92fce11c340f70807da03ac0b2.png
IP
172.67.186.1:0
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
PNG image data, 111 x 75, 8-bit colormap, non-interlaced
Size
971 B (971 bytes)
Hash
2f40fa92fce11c340f70807da03ac0b2
89ef777357b185dee8937a3da0983f39f156fb10
44990fb54269fdec9302792e2c01543679151dbfb279e63089e28656884b3794

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /prod/images/2f40fa92fce11c340f70807da03ac0b2.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Cookie: visitInfo::7748=c54c8c603c13a4a0b0489ebd3bac66976c3c52cc19eeb0d5f77193abf29b702aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2296e09706e65d58e7ab1601d8244c79f6%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22a2223cca-51ef-40d9-b2ea-94fad761cd29%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715141351.1.0.1715141351.0.0.0; _ga=GA1.1.465517940.1715141352
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:12 GMT
content-type: image/png
content-length: 971
last-modified: Thu, 13 Jan 2022 13:22:43 GMT
etag: "61e027a3-3cb"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HVXxjRq8LSvj%2FF7sV13cmWWG3O9kt24btWiolaNMOdRIUSYroyhYXzM4mALPZ2Cy3EsZzRBe9M8ISz0xZRUm%2F7EbGQTQTE%2FAIJA58sTZ2KOg5jZPXuMLvUJUOf%2BT4XcQJnMceMKUNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
accept-ranges: bytes
server: cloudflare
cf-ray: 880697ca4ddcb4fa-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-b93b9165.woff2

172.67.186.1

200 OK

8.0 kB

URL GET HTTP/3
flaredownload.com/assets/hl-b93b9165.woff2
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7988, version 1.0
Size
8.0 kB (7988 bytes)
Hash
087457026965f98466618a478c4b1b07
00b024ccb35e3694de662d180d6ea7f56de6d654
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-b93b9165.woff2 HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-78f24724.css
Cookie: visitInfo::7748=c54c8c603c13a4a0b0489ebd3bac66976c3c52cc19eeb0d5f77193abf29b702aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2296e09706e65d58e7ab1601d8244c79f6%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22a2223cca-51ef-40d9-b2ea-94fad761cd29%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715141351.1.0.1715141351.0.0.0; _ga=GA1.1.465517940.1715141352
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:12 GMT
content-type: application/octet-stream
content-length: 7988
last-modified: Tue, 07 May 2024 08:31:30 GMT
etag: "6639e6e2-1f34"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eWtvjCHvIpNNYi6rsQMPdkbYUTTFOmxwAhZpQvH2TtPwb4%2Fx9Hpntp8XdtL2KCpsVjT00N6kWLGclggkabs%2FOiklH6daFHDBzQELem%2BCbyH1xIinKaqLWgCUsjuOVT5yhxtfB8zGjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 880697ca7dedb4fa-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-449fd3ca.js

172.67.186.1

200 OK

8.2 kB

URL GET HTTP/3
flaredownload.com/assets/hl-449fd3ca.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (418), with no line terminators
Size
8.2 kB (8163 bytes)
Hash
a681492b373cf4f95d2121a01c44dfeb
ede05f02d805cf75b35f7392d799722031dfa0c8
041691ae588a49650498b9ed5de6641bb9d5f41834c0f3f638c25c40d59796a8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-449fd3ca.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=419
access-control-allow-origin: *
etag: W/"6639e6e3-1a3"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hyx6VM1o5L0jVFb%2FaLh31GF7ShBXyhoXCvU7IZlkrkg%2FcU3OWkftD0OmTzZHZdOVmJ4A52CliUODcwuHVBmIInx2qJUmacL2w1RTNMjWE8urO8CydRF6%2FRuzxOzJ9PLuWfINE8%2BPdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 880697c5cb93b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

secureanalytic.com/scripts/push/script/02eyoyxdkz?url=flaredownload.com

104.21.77.48

200 OK

2.6 kB

URL GET HTTP/2
secureanalytic.com/scripts/push/script/02eyoyxdkz?url=flaredownload.com
IP
104.21.77.48:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerLet's Encrypt
Subjectsecureanalytic.com
FingerprintE8:56:22:9E:5D:B8:81:BD:9C:20:0E:24:64:BE:C4:CA:4E:D6:C9:63
ValidityFri, 29 Mar 2024 10:27:40 GMT - Thu, 27 Jun 2024 10:27:39 GMT

File type
JavaScript source, ASCII text, with very long lines (8142)
Size
2.6 kB (2594 bytes)
Hash
f0fab3cc04750bba62119045aad0cca4
c4bac1f34757d7d9553b0f9d23b1d419e908e62e
4590979b3d0fa22e8974e8b9d80124d0f02b6accbb154ff6e9c67b59e9fcf2c6

HTTP Headers

GET /scripts/push/script/02eyoyxdkz?url=flaredownload.com HTTP/1.1
Host: secureanalytic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 04:09:11 GMT
content-type: application/javascript;charset=UTF-8
expires: 0
cache-control: max-age=14400, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-cache-status: EXPIRED
last-modified: Tue, 07 May 2024 20:00:24 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wcm7I07kNIzCUwzdlOdxblOwBU65zYD04qP2%2Ff5C2RsUasJQHy%2FourtIUhYtkazw7vEqvDdEb2ZxAB7Ovm1KC0BGd70nqKwKkkaq8i7o4ZQM8ibkXCt40zq17lDMVWdPXBaOIg0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880697c64ca2b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

event.secureanalytic.com/register/event_log/v9e179lqez

104.21.77.48

200 OK

0 B

URL POST HTTP/2
event.secureanalytic.com/register/event_log/v9e179lqez
IP
104.21.77.48:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerLet's Encrypt
Subjectsecureanalytic.com
FingerprintE8:56:22:9E:5D:B8:81:BD:9C:20:0E:24:64:BE:C4:CA:4E:D6:C9:63
ValidityFri, 29 Mar 2024 10:27:40 GMT - Thu, 27 Jun 2024 10:27:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /register/event_log/v9e179lqez HTTP/1.1
Host: event.secureanalytic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/
Content-type: application/json
Content-Length: 114
Origin: https://flaredownload.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 04:09:12 GMT
content-length: 0
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-pushplatformapp-params: 
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
x-frame-options: SAMEORIGIN
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zRMjGwLJ7%2FBjsBtKcVnPou2VQV5HP6oAgg4FAgH36tfvLtWUKhuFdBkYQ4VFi2KJeEGRxLxbVONbtHzw63U1Dy%2BJ4m3TXN4Xjmjvrxf1gf5usiW9lIEIGm1OMJBHme6pkBl0OH3iCGvw1jw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880697cb0eb0b529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

flaredownload.com/assets/hl-de833af9.js

172.67.186.1

200 OK

863 B

URL GET HTTP/3
flaredownload.com/assets/hl-de833af9.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JavaScript source, ASCII text, with very long lines (690), with no line terminators
Size
863 B (863 bytes)
Hash
07f4201d4f772dc3825f3399bb217552
e70c0af48037b02ab9ea515952b889f9eb7bcdb1
5103bcdb5637c56d4a70564479cef8e07ec2d3f00620b428cdb36c28c430d906

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-de833af9.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=691
access-control-allow-origin: *
etag: W/"6639e6e3-2b3"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d3mVKlAnuASvtCuisUHgZ0W5r4zgrg74eN9nIdDZs8A7LjD2expFpdR9MfDOf%2FkIspGOIxNftZtYpNX%2BCXLwW1JMaqv0smQZESUehuajCjE%2BAuJRg%2FcP%2FHHkZNvu2YUgwaJUws1%2Bmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 880697c5ebaab4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/visit/get-data?landingId=7748&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=

172.67.186.1

200 OK

16 kB

URL GET HTTP/3
flaredownload.com/visit/get-data?landingId=7748&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JSON text data
Size
16 kB (16533 bytes)
Hash
ed1386032c1dcaff5647e860f27fef6b
dbf75136306fbc8ebc7110c1ee5536cc51e9d63a
516d27cc30de62686b38875eb0b85642dadb29f30d522d4341c29b5dfc8c1958

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /visit/get-data?landingId=7748&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource= HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
sentry-trace: 274b2fbf48af4295bfbb64968b82e8cf-b74626d5f82dc6c3-0
baggage: sentry-environment=production,sentry-public_key=9056b383582c444792eb65c1726488d9,sentry-trace_id=274b2fbf48af4295bfbb64968b82e8cf,sentry-sample_rate=0.1,sentry-sampled=false
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:11 GMT
content-type: application/json; charset=UTF-8
set-cookie: visitInfo::7748=c54c8c603c13a4a0b0489ebd3bac66976c3c52cc19eeb0d5f77193abf29b702aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2296e09706e65d58e7ab1601d8244c79f6%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22a2223cca-51ef-40d9-b2ea-94fad761cd29%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; path=/; HttpOnly; SameSite=Lax
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hHh0hzHJ4CG3IWkGAXNld9%2F7gYPg7NAjsBK26KsHu70RDzO%2Fq1wAlR5kJHuqSSzr20TRUJZSvntP0xaIFNH3aEwXJluvG%2Fd0YAZBXLMTqqHsPN2CZsbBSKbgi3cHBTm%2BNV6Dlw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880697c45aa5b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-1d9299f0.js

172.67.186.1

200 OK

9.6 kB

URL GET HTTP/3
flaredownload.com/assets/hl-1d9299f0.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (305)
Size
9.6 kB (9552 bytes)
Hash
d30d63e213b7d35b73f36beaef1cf4bb
0ecfd946d636dc44f170642cf18d1492eb7d09d9
af59a1cb10bd70b6c0eb7eb16d7fdf201ffcd46e80d56e1e8415daf4ac401950

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-1d9299f0.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-016c1a2d.js
Cookie: visitInfo::7748=c54c8c603c13a4a0b0489ebd3bac66976c3c52cc19eeb0d5f77193abf29b702aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2296e09706e65d58e7ab1601d8244c79f6%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22a2223cca-51ef-40d9-b2ea-94fad761cd29%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1286
access-control-allow-origin: *
etag: W/"6639e6e3-506"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3YiGo4%2BPXXdBak%2F82L4Ava%2FgWa9Lj4Wf4T%2BCJeRPYaAC4%2F6AomJaM2j7Gnu1bbSTBO1XKchq17fACCIDPJ9qfptf12h81Zq5ccShLmdmwllY9xapaL042mWg6Y7uRGIm6gweSDyXaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 880697c5ebaeb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-edb2da2a.js

172.67.186.1

200 OK

14 kB

URL GET HTTP/3
flaredownload.com/assets/hl-edb2da2a.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JavaScript source, ASCII text, with very long lines (1410), with no line terminators
Size
14 kB (14255 bytes)
Hash
0fb9d8a5fba7f6a569da52896f965ea3
6e57202028341c2674083acf9e428817c6725c6c
30137b4b0317a40d0c195fff2b2cd054bb39adf2fb94d357f269cb36e3c11581

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-edb2da2a.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-5d7a8293.js
Cookie: visitInfo::7748=c54c8c603c13a4a0b0489ebd3bac66976c3c52cc19eeb0d5f77193abf29b702aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2296e09706e65d58e7ab1601d8244c79f6%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22a2223cca-51ef-40d9-b2ea-94fad761cd29%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1413
access-control-allow-origin: *
etag: W/"6639e6e3-585"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QAEv3a1DSorbOMv3h9iyJbmvoq9fqsMG1V3%2Bh%2FlkxxaGfzEeZ8wqt%2BUzvnDwrPArAI26Cp%2BsqbcYitpQKkVzKrLSD8Iw%2BFLfldm8tZo4IM6X%2FehvemVz4bb1W%2FXUL695pxAFmimqYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 880697c67bebb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-9c710746.js

172.67.186.1

200 OK

6.2 kB

URL GET HTTP/3
flaredownload.com/assets/hl-9c710746.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (1877), with no line terminators
Size
6.2 kB (6242 bytes)
Hash
3bafdf2e59482def68f1f921eed58026
7f9b906a31bf8d9b6d0ff3f63d5a95c54e3b7d0f
62de958df7bb7fdd81edfc79c5bc0ac6f2039f216d20b34f55aaed379c203fdb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-9c710746.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-af68a598.js
Cookie: visitInfo::7748=c54c8c603c13a4a0b0489ebd3bac66976c3c52cc19eeb0d5f77193abf29b702aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2296e09706e65d58e7ab1601d8244c79f6%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22a2223cca-51ef-40d9-b2ea-94fad761cd29%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715141351.1.0.1715141351.0.0.0; _ga=GA1.1.465517940.1715141352
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1878
access-control-allow-origin: *
etag: W/"6639e6e3-756"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vDw7eK3Q6hWhKmINoj8MUuNf8NLWagdIMqpBc6s9xAsqYeVRm8Jgxr0PLAq9Iw00uoYa1gYfybi%2BVPxDHw52d%2BUBYZNd0uqtZ%2BfIRSxypY99nOUVHnpdqOanpxPvSiSui3kFIqsmwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 880697c9cd66b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-df7628f8.js

172.67.186.1

200 OK

2.8 kB

URL GET HTTP/3
flaredownload.com/assets/hl-df7628f8.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JavaScript source, ASCII text, with very long lines (2919), with no line terminators
Size
2.8 kB (2841 bytes)
Hash
ebb150f7628084b5a2b845ff6b722fef
fc20037e7e252745866f61086814d61f0ed9632e
367a6126740f6beafac00eb851605cf8a2953549845c46fc892020a4e1c36375

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-df7628f8.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-8ecdb346.js
Cookie: visitInfo::7748=c54c8c603c13a4a0b0489ebd3bac66976c3c52cc19eeb0d5f77193abf29b702aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2296e09706e65d58e7ab1601d8244c79f6%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22a2223cca-51ef-40d9-b2ea-94fad761cd29%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715141351.1.0.1715141351.0.0.0; _ga=GA1.1.465517940.1715141352
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:12 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=2842
access-control-allow-origin: *
etag: W/"6639e6e3-b1a"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=loLlazX0z8RVGM7PXzE%2FVVfcLfb4zw0f%2BU3g%2BTT3A3ni5utV90aRa0oBnCcNeygpd455e8WZvdf%2BPN6qq8y9yMf3OB9KaiyK8NaLv94Wc1huiWYn53DwCobz5Hd7joUOODj3s81tCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 880697ca5dddb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-76eb7d98.js

172.67.186.1

200 OK

616 B

URL GET HTTP/3
flaredownload.com/assets/hl-76eb7d98.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (636), with no line terminators
Size
616 B (616 bytes)
Hash
099fdbaaddc362dbfee0057dbff50e42
bb9ea6df527763127050ca50a6801810da55791d
55007d437735695935cee018f9583264b5652e527d3cd8ea83b96df0b07528a2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-76eb7d98.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:12 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=617
access-control-allow-origin: *
etag: W/"6639e6e3-269"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=guHlivo94So9AArP1aKI2jddzbf935JNK63v4OutNxuXENMlIaKe5y3N8ODAweZ4%2Fkb5IKdj7Oy84ocMkrkJlu%2B%2BRb5EcccJ8HqOeZa%2BGCXrkMzOVt22EtWqK5v%2BBNsoS4Iml7nRsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 880697ca4dd4b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-5d7a8293.js

172.67.186.1

200 OK

4.8 kB

URL GET HTTP/3
flaredownload.com/assets/hl-5d7a8293.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (5067), with no line terminators
Size
4.8 kB (4793 bytes)
Hash
1f91ead58338d8a945d6363574cf7ef0
72fc0d85425809081d32bb99f6375eb7ec68a46c
7badd4d4a64f29c09db7085e4135631af43a37220857a5795e36b651739e6c09

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-5d7a8293.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-016c1a2d.js
Cookie: visitInfo::7748=c54c8c603c13a4a0b0489ebd3bac66976c3c52cc19eeb0d5f77193abf29b702aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2296e09706e65d58e7ab1601d8244c79f6%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22a2223cca-51ef-40d9-b2ea-94fad761cd29%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=4794
access-control-allow-origin: *
etag: W/"6639e6e3-12ba"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gzkS168knr3sapuCvmTdyjBoHCx1DLfiNHVJ5ECgD3M08BiM18RR6dz0bZHiKd2QDbcuJUAAPRe9iZkp8kpLASzo5v%2FZMj2EfEQBIKYLAOBfuBVltGCr29mpD737fX2%2BvseFzRSY0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 880697c5ebacb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-35a77ba0.js

172.67.186.1

200 OK

72 kB

URL GET HTTP/3
flaredownload.com/assets/hl-35a77ba0.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type

Size
72 kB (71682 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-35a77ba0.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-1d9299f0.js
Cookie: visitInfo::7748=c54c8c603c13a4a0b0489ebd3bac66976c3c52cc19eeb0d5f77193abf29b702aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2296e09706e65d58e7ab1601d8244c79f6%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22a2223cca-51ef-40d9-b2ea-94fad761cd29%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=72018
access-control-allow-origin: *
etag: W/"6639e6e3-11952"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lVcE2h2qpwFs%2FBqD%2BbPTM5E%2FdOpI77D2urIhU7e8hxXvfovqFxouIh86RfkUYHzyr0GCbw9rfvQFs7BhNB2BS1zOvshhPu3EgJbxYYUQnvu5hzLq99C0lpoQZWnntMSgmvXBbUCk0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 880697c67becb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-76eb7d98.js

172.67.186.1

200 OK

616 B

URL GET HTTP/3
flaredownload.com/assets/hl-76eb7d98.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (636), with no line terminators
Size
616 B (616 bytes)
Hash
099fdbaaddc362dbfee0057dbff50e42
bb9ea6df527763127050ca50a6801810da55791d
55007d437735695935cee018f9583264b5652e527d3cd8ea83b96df0b07528a2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-76eb7d98.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-8ecdb346.js
Cookie: visitInfo::7748=c54c8c603c13a4a0b0489ebd3bac66976c3c52cc19eeb0d5f77193abf29b702aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2296e09706e65d58e7ab1601d8244c79f6%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22a2223cca-51ef-40d9-b2ea-94fad761cd29%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715141351.1.0.1715141351.0.0.0; _ga=GA1.1.465517940.1715141352
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:12 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=617
access-control-allow-origin: *
etag: W/"6639e6e3-269"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=guHlivo94So9AArP1aKI2jddzbf935JNK63v4OutNxuXENMlIaKe5y3N8ODAweZ4%2Fkb5IKdj7Oy84ocMkrkJlu%2B%2BRb5EcccJ8HqOeZa%2BGCXrkMzOVt22EtWqK5v%2BBNsoS4Iml7nRsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 880697ca5de1b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-35a77ba0.js

172.67.186.1

200 OK

72 kB

URL GET HTTP/3
flaredownload.com/assets/hl-35a77ba0.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type

Size
72 kB (71682 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-35a77ba0.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=72018
access-control-allow-origin: *
etag: W/"6639e6e3-11952"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lVcE2h2qpwFs%2FBqD%2BbPTM5E%2FdOpI77D2urIhU7e8hxXvfovqFxouIh86RfkUYHzyr0GCbw9rfvQFs7BhNB2BS1zOvshhPu3EgJbxYYUQnvu5hzLq99C0lpoQZWnntMSgmvXBbUCk0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 880697c5eba8b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-df71e98f.js

172.67.186.1

200 OK

915 B

URL GET HTTP/3
flaredownload.com/assets/hl-df71e98f.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (943), with no line terminators
Size
915 B (915 bytes)
Hash
ebd0d54d990ddcfaea069173441018a6
abe061cb6d696dfecfe5b2cf179171f1ff7a50d1
1ad5259a2f067f36bc1e999d2ff302d435de4205968666aa27b378cd0f224c69

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-df71e98f.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=916
access-control-allow-origin: *
etag: W/"6639e6e3-394"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6A4NNQWi1Gkx5oNLe3D227U%2FeDbVMd2LVsv4olRomX82iwFrKM8nupZKBc90qQ6XuuUQRvOUL0tET%2BRR%2FTF3m1oyI8DovAMucEzIoJBipZD12z%2BnHBpaD6GB4xKaoNrPMILqndoxKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 880697c8bcdbb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-5d7a8293.js

172.67.186.1

200 OK

4.8 kB

URL GET HTTP/3
flaredownload.com/assets/hl-5d7a8293.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (5067), with no line terminators
Size
4.8 kB (4793 bytes)
Hash
1f91ead58338d8a945d6363574cf7ef0
72fc0d85425809081d32bb99f6375eb7ec68a46c
7badd4d4a64f29c09db7085e4135631af43a37220857a5795e36b651739e6c09

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-5d7a8293.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=4794
access-control-allow-origin: *
etag: W/"6639e6e3-12ba"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gzkS168knr3sapuCvmTdyjBoHCx1DLfiNHVJ5ECgD3M08BiM18RR6dz0bZHiKd2QDbcuJUAAPRe9iZkp8kpLASzo5v%2FZMj2EfEQBIKYLAOBfuBVltGCr29mpD737fX2%2BvseFzRSY0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 880697c5cb8eb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-4f13edc9.js

172.67.186.1

200 OK

426 B

URL GET HTTP/3
flaredownload.com/assets/hl-4f13edc9.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (456), with no line terminators
Size
426 B (426 bytes)
Hash
020a4180e14c31ebd748c5b02afaabf4
60d4904d7695cf40b7e4ee9508158ddb9e9c2add
92139ca312a5f90123e0a4c10c1b10d2514700b426c761f41dcc37253bd26ed5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-4f13edc9.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=427
access-control-allow-origin: *
etag: W/"6639e6e3-1ab"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bc1mFCahq7CKoPHBGp2pQ8yIzu7M9QW9m0gaW4stDd8%2FRAwqQ6vpEjYAN6Eu2X%2FaPI4uDokFRlNIWV6VyDJPXzFmPiNrNV6hm7A3VBPfZiKVr672hWCt%2FC%2B9Qr%2BxbDSJ%2BtQNPEjn6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 880697c8bcdfb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=

172.67.186.1

200 OK

417 B

URL User Request GET HTTP/2
flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
HTML document, ASCII text, with very long lines (456), with no line terminators
Size
417 B (417 bytes)
Hash
410302fa487435a3db87897f5356abfe
f6b04de92db590c9da3bc6749478922756a8ac17
692c11e825f6a0da97fcb720e4ec710592281e9903a31c47f22350811b87d1f1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource= HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 04:09:10 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VLNPwBaoQuT0rr6ESpDY2BhYkXx3IlPA8bNsgRn2tK%2BEkMO2WPckqRVPOTLXzcEvoAvbuJcVN32dcb7WR9xUToSFwqmCaqsJ7k7VReDJ90pPWNgPYU7O7YyjhFZlYwX1%2FdpmXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880697c05e11b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

flaredownload.com/assets/hl-016c1a2d.js

172.67.186.1

200 OK

266 kB

URL GET HTTP/3
flaredownload.com/assets/hl-016c1a2d.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
266 kB (266384 bytes)
Hash
6f9b2057062a1662be08363e30596a68
f82cded4ee9eecfbc1712e636c6fe4fadc8ec0d1
c00ad680dd0968e24075c04746e1a39be2a69cd9c3a374bae7587fd4d0454d54

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-016c1a2d.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=266407
access-control-allow-origin: *
etag: W/"6639e6e3-410a7"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sKUpQZzEMsB0n2%2FssSb86%2FhC2sZ%2F39yb9O3g0mueD27aeHHCVwIlSZPJevdbffhqMN3Czth%2BZTmHkax52JM7llhKzbg3uAEKmHdDjaSVTEwZ0G1GNhA7fL2nEYuNswAjjfKqPBVb3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 880697c349efb4fa-OSL
content-encoding: br

flaredownload.com/assets/hl-346b376b.js

172.67.186.1

200 OK

1.9 kB

URL GET HTTP/3
flaredownload.com/assets/hl-346b376b.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JavaScript source, ASCII text, with very long lines (1960), with no line terminators
Size
1.9 kB (1922 bytes)
Hash
e7731485a49d3b18ab73c2efd5132cbb
983a86196a2657a6e6e730e55f4c771afa23c1c1
b62fedde63fd2481efaf838bec545e9ca1b4e97819ab30853a1b385f2c39586b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-346b376b.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:12 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1923
access-control-allow-origin: *
etag: W/"6639e6e3-783"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H53PD%2BetlHbN03%2BZeMSVCJWIthXLCHYVGcfrtGDX6%2FZWd9mXwJliptEhMbjlLfEnuXRy5rcaQk%2B7tqmz9KmWwgjWs85e9JghkaclN1hm0IxI7WNos9UQGYl3mKUWBqrFr1v9jgB3GQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 880697ca4dd8b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Roboto:300,400,500,700

142.250.74.42

200 OK

8.7 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500,700
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (8956), with no line terminators
Size
8.7 kB (8732 bytes)
Hash
91804c0df51e58b0bf469561e1ac2732
cc5a9023e310b49ef8f8ae32bb89ea774fe116ec
8a8aed46bfb9cdec8e34e76343b7e66796cf09926aef42efdfe5fa8a1fdda8aa

HTTP Headers

GET /css?family=Roboto:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 04:09:11 GMT
date: Wed, 08 May 2024 04:09:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

flaredownload.com/assets/hl-4ae220c2.js

172.67.186.1

200 OK

779 B

URL GET HTTP/3
flaredownload.com/assets/hl-4ae220c2.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (821), with no line terminators
Size
779 B (779 bytes)
Hash
ac960bb4fafd7eae585cc2dd2977147c
bea992f937a46aa237ca5f3c87c7f5edb3127f72
d01f6043abdbd61de10a397af1eb251e7125e1a3de229eb7afa6e198550e58cd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-4ae220c2.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:12 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=780
access-control-allow-origin: *
etag: W/"6639e6e3-30c"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BQb4s08lsBvgpVYLWHyhu308UFypXNafe9T7Fbl%2B5q2H%2B4LdvWgV01OOfiFFoYjHVdkT%2FSdRAdwHXir%2BfckuosU4r8wEfENsUoxvSGYh0dQOcl%2B5EjvKpFNw1kzs7vvL01mw5n%2BTgA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 880697ca4dd3b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-af68a598.js

172.67.186.1

200 OK

360 B

URL GET HTTP/3
flaredownload.com/assets/hl-af68a598.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (378), with no line terminators
Size
360 B (360 bytes)
Hash
9fdaccd89fc9168d9ccec4eda147aac2
9bfc724b8fa0f97dbccd6aaf5998f2f8b7a7bc83
162622491ab95208d44c02b06d9cea34010e365a297f91900fff6757d220e3b6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-af68a598.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-d3953248.js
Cookie: visitInfo::7748=c54c8c603c13a4a0b0489ebd3bac66976c3c52cc19eeb0d5f77193abf29b702aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2296e09706e65d58e7ab1601d8244c79f6%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22a2223cca-51ef-40d9-b2ea-94fad761cd29%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=361
access-control-allow-origin: *
etag: W/"6639e6e3-169"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yU%2FaKBGUzuhIxsjA8N%2FK8ZULLTMBtKml1UU%2FhWVm%2BZl3uokQP6kMklRaJ9wXbdbiWAKuizEe%2FUytazTzO8lu5UPgasVxlpm0LB%2FV8n7JxyMM6cIv%2BrMUjY2A%2FQfZhA31rUAU6TzoWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 880697c8fd00b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-78f24724.css

172.67.186.1

200 OK

26 kB

URL GET HTTP/3
flaredownload.com/assets/hl-78f24724.css
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (26409), with no line terminators
Size
26 kB (26409 bytes)
Hash
f89cae638a8015aae1089a2222424d0c
2af82acafcc3e922b30bed5dd5516def3003b013
5043dc083072fc72e3ac45b97c961ee95ad1b6ad9d31f5d461dad48e63454371

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-78f24724.css HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Cookie: visitInfo::7748=c54c8c603c13a4a0b0489ebd3bac66976c3c52cc19eeb0d5f77193abf29b702aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2296e09706e65d58e7ab1601d8244c79f6%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22a2223cca-51ef-40d9-b2ea-94fad761cd29%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:11 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=26547
access-control-allow-origin: *
etag: W/"6639e6e3-67b3"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eIg4GrE1LR9wMhZccZMjuSxj4LzKwjVBA7SHNygggoiIdi6lBPcSfAxH8on62WsJGNUpvYABKGIuaR0yQZr1GzMCNKi4AjEKmIb8qZ575MnEOut7t6s4pKRDalCfTlFswPkaV3RkQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 880697c8acd0b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-8ecdb346.js

172.67.186.1

200 OK

6.3 kB

URL GET HTTP/3
flaredownload.com/assets/hl-8ecdb346.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (6661), with no line terminators
Size
6.3 kB (6329 bytes)
Hash
47c46646da7f220e939e22227ad81c52
943b29a57ab33348040254a84f677e9e7199f513
ea1e2a1bd2536c133f8c25c5d167fa60a5979e6875a2eeb163e1ef9a6443b7f1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-8ecdb346.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=6330
access-control-allow-origin: *
etag: W/"6639e6e3-18ba"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZhRGXZt%2FHUlLMNlnKTUOMdU1IVFI8sM%2BPzJbAuxRl4Z91lwvL%2F5wg5Ejc0OUySyXIiVog2%2BGnOm%2FYR2%2FbS%2F3OxB3esThUsX%2F6lm%2Fn4f36icuPzvCkguczHSP3tMenpG1powzdFX9bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 880697c8bcdeb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-df7628f8.js

172.67.186.1

200 OK

2.8 kB

URL GET HTTP/3
flaredownload.com/assets/hl-df7628f8.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JavaScript source, ASCII text, with very long lines (2919), with no line terminators
Size
2.8 kB (2841 bytes)
Hash
ebb150f7628084b5a2b845ff6b722fef
fc20037e7e252745866f61086814d61f0ed9632e
367a6126740f6beafac00eb851605cf8a2953549845c46fc892020a4e1c36375

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-df7628f8.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:12 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=2842
access-control-allow-origin: *
etag: W/"6639e6e3-b1a"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=loLlazX0z8RVGM7PXzE%2FVVfcLfb4zw0f%2BU3g%2BTT3A3ni5utV90aRa0oBnCcNeygpd455e8WZvdf%2BPN6qq8y9yMf3OB9KaiyK8NaLv94Wc1huiWYn53DwCobz5Hd7joUOODj3s81tCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 880697ca3dcfb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-4ae220c2.js

172.67.186.1

200 OK

779 B

URL GET HTTP/3
flaredownload.com/assets/hl-4ae220c2.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (821), with no line terminators
Size
779 B (779 bytes)
Hash
ac960bb4fafd7eae585cc2dd2977147c
bea992f937a46aa237ca5f3c87c7f5edb3127f72
d01f6043abdbd61de10a397af1eb251e7125e1a3de229eb7afa6e198550e58cd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-4ae220c2.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-8ecdb346.js
Cookie: visitInfo::7748=c54c8c603c13a4a0b0489ebd3bac66976c3c52cc19eeb0d5f77193abf29b702aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2296e09706e65d58e7ab1601d8244c79f6%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22a2223cca-51ef-40d9-b2ea-94fad761cd29%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715141351.1.0.1715141351.0.0.0; _ga=GA1.1.465517940.1715141352
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:12 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=780
access-control-allow-origin: *
etag: W/"6639e6e3-30c"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BQb4s08lsBvgpVYLWHyhu308UFypXNafe9T7Fbl%2B5q2H%2B4LdvWgV01OOfiFFoYjHVdkT%2FSdRAdwHXir%2BfckuosU4r8wEfENsUoxvSGYh0dQOcl%2B5EjvKpFNw1kzs7vvL01mw5n%2BTgA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 880697ca5ddeb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/favicon.ico

172.67.186.1

200 OK

4.3 kB

URL GET HTTP/3
flaredownload.com/favicon.ico
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Size
4.3 kB (4286 bytes)
Hash
1ba2ae710d927f13d483fd5d1e548c9b
c0605efed936ee2600284e6480521d06fa64f872
db74ab0b78338c1f778f8398c45f4103c99aea0e845a3118a7750b4eeafd3445

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:11 GMT
content-type: image/x-icon
last-modified: Wed, 13 Sep 2023 08:04:59 GMT
etag: W/"65016d2b-10be"
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7owW9eYyoimxIdIZu4sHeMlmDA1dNwVk5Ea5z%2FobBGEznhwLjn%2FUUgVEhE6d5YLUxAyz6S4rhxXD17r99j%2BC6O9Ck5Vygq9JccwEOYWi4uumvPiXUYRAikkpxvKXRVa35SbUZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880697c51b08b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-af68a598.js

172.67.186.1

200 OK

360 B

URL GET HTTP/3
flaredownload.com/assets/hl-af68a598.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (378), with no line terminators
Size
360 B (360 bytes)
Hash
9fdaccd89fc9168d9ccec4eda147aac2
9bfc724b8fa0f97dbccd6aaf5998f2f8b7a7bc83
162622491ab95208d44c02b06d9cea34010e365a297f91900fff6757d220e3b6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-af68a598.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=361
access-control-allow-origin: *
etag: W/"6639e6e3-169"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yU%2FaKBGUzuhIxsjA8N%2FK8ZULLTMBtKml1UU%2FhWVm%2BZl3uokQP6kMklRaJ9wXbdbiWAKuizEe%2FUytazTzO8lu5UPgasVxlpm0LB%2FV8n7JxyMM6cIv%2BrMUjY2A%2FQfZhA31rUAU6TzoWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 880697c8acd3b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-8ecdb346.js

172.67.186.1

200 OK

6.3 kB

URL GET HTTP/3
flaredownload.com/assets/hl-8ecdb346.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (6661), with no line terminators
Size
6.3 kB (6329 bytes)
Hash
47c46646da7f220e939e22227ad81c52
943b29a57ab33348040254a84f677e9e7199f513
ea1e2a1bd2536c133f8c25c5d167fa60a5979e6875a2eeb163e1ef9a6443b7f1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-8ecdb346.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-af68a598.js
Cookie: visitInfo::7748=c54c8c603c13a4a0b0489ebd3bac66976c3c52cc19eeb0d5f77193abf29b702aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2296e09706e65d58e7ab1601d8244c79f6%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22a2223cca-51ef-40d9-b2ea-94fad761cd29%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715141351.1.0.1715141351.0.0.0; _ga=GA1.1.465517940.1715141352
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=6330
access-control-allow-origin: *
etag: W/"6639e6e3-18ba"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZhRGXZt%2FHUlLMNlnKTUOMdU1IVFI8sM%2BPzJbAuxRl4Z91lwvL%2F5wg5Ejc0OUySyXIiVog2%2BGnOm%2FYR2%2FbS%2F3OxB3esThUsX%2F6lm%2Fn4f36icuPzvCkguczHSP3tMenpG1powzdFX9bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 880697c9dd6cb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-41e46faf.woff2

172.67.186.1

200 OK

7.9 kB

URL GET HTTP/3
flaredownload.com/assets/hl-41e46faf.woff2
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7900, version 1.0
Size
7.9 kB (7900 bytes)
Hash
9ed361bba8488aeb2797b82befda20f1
6f80d965a066aff81c0a344d4b7297bd009cc099
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-41e46faf.woff2 HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-78f24724.css
Cookie: visitInfo::7748=c54c8c603c13a4a0b0489ebd3bac66976c3c52cc19eeb0d5f77193abf29b702aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2296e09706e65d58e7ab1601d8244c79f6%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22a2223cca-51ef-40d9-b2ea-94fad761cd29%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715141351.1.0.1715141351.0.0.0; _ga=GA1.1.465517940.1715141352
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:12 GMT
content-type: application/octet-stream
content-length: 7900
last-modified: Tue, 07 May 2024 08:31:30 GMT
etag: "6639e6e2-1edc"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ww5PmnDM9QKXNVuwDfYBzIz3MuYkAUfFxZY%2FQEZFC%2BTYJFJhPv6Lw8Q5j1Lj7tvAYwEitngD7okWmhS%2B9ve0Dkq7V2JHjQfrCYzPgUtV%2B3ayMEFp7BKc3DSXMEKP1beGqpKK2aQrlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 880697ca7df1b4fa-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-016c1a2d.js

172.67.186.1

200 OK

266 kB

URL GET HTTP/3
flaredownload.com/assets/hl-016c1a2d.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
266 kB (266384 bytes)
Hash
6f9b2057062a1662be08363e30596a68
f82cded4ee9eecfbc1712e636c6fe4fadc8ec0d1
c00ad680dd0968e24075c04746e1a39be2a69cd9c3a374bae7587fd4d0454d54

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-016c1a2d.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=266407
access-control-allow-origin: *
etag: W/"6639e6e3-410a7"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sKUpQZzEMsB0n2%2FssSb86%2FhC2sZ%2F39yb9O3g0mueD27aeHHCVwIlSZPJevdbffhqMN3Czth%2BZTmHkax52JM7llhKzbg3uAEKmHdDjaSVTEwZ0G1GNhA7fL2nEYuNswAjjfKqPBVb3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 1
server: cloudflare
cf-ray: 880697c6ec2ab4fa-OSL
content-encoding: br

flaredownload.com/assets/hl-b598c105.js

172.67.186.1

200 OK

561 B

URL GET HTTP/3
flaredownload.com/assets/hl-b598c105.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (583), with no line terminators
Size
561 B (561 bytes)
Hash
1c5420b82de453f328768c16de244375
d12a9703fd07aa35f70c185faa342615897616cc
a1523fc0fa22a170f10c74e4cd3a20381ef4497bda9dec7a77afaa9c84d25da0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-b598c105.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=562
access-control-allow-origin: *
etag: W/"6639e6e3-232"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XzExy%2BymlhGJXzhanlEc5mxSXfY6525VqgBb%2BJcDbQQ4nSfW7WFMxWF6lb3hoQBNbUuXUPFhAaIsVGUbBBCNyLukBTduquivBSng8iOin2FMASKA%2B9nQgazSngmFVI5UAme0%2Bbqm%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 880697c8acd8b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-df71e98f.js

172.67.186.1

200 OK

915 B

URL GET HTTP/3
flaredownload.com/assets/hl-df71e98f.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (943), with no line terminators
Size
915 B (915 bytes)
Hash
ebd0d54d990ddcfaea069173441018a6
abe061cb6d696dfecfe5b2cf179171f1ff7a50d1
1ad5259a2f067f36bc1e999d2ff302d435de4205968666aa27b378cd0f224c69

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-df71e98f.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-af68a598.js
Cookie: visitInfo::7748=c54c8c603c13a4a0b0489ebd3bac66976c3c52cc19eeb0d5f77193abf29b702aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2296e09706e65d58e7ab1601d8244c79f6%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22a2223cca-51ef-40d9-b2ea-94fad761cd29%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715141351.1.0.1715141351.0.0.0; _ga=GA1.1.465517940.1715141352
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=916
access-control-allow-origin: *
etag: W/"6639e6e3-394"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6A4NNQWi1Gkx5oNLe3D227U%2FeDbVMd2LVsv4olRomX82iwFrKM8nupZKBc90qQ6XuuUQRvOUL0tET%2BRR%2FTF3m1oyI8DovAMucEzIoJBipZD12z%2BnHBpaD6GB4xKaoNrPMILqndoxKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 880697c9dd6ab4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/lead/prefill

172.67.186.1

200 OK

64 B

URL POST HTTP/3
flaredownload.com/lead/prefill
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
64 B (64 bytes)
Hash
0a00dc476383c35bcfbc0ea44c3a60ea
36ebdfa0bfa4aa0ec8f4d7417d2112bae7d406db
819bd596583bc3bc638b2fa8d87d80b16551a1d68abb86261795db848cc226d2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /lead/prefill HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
sentry-trace: 274b2fbf48af4295bfbb64968b82e8cf-a8558c8bb0e81b8a-0
baggage: sentry-environment=production,sentry-public_key=9056b383582c444792eb65c1726488d9,sentry-trace_id=274b2fbf48af4295bfbb64968b82e8cf,sentry-sample_rate=0.1,sentry-transaction=LandingHome,sentry-sampled=false
Content-Length: 56
Origin: https://flaredownload.com
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Cookie: visitInfo::7748=c54c8c603c13a4a0b0489ebd3bac66976c3c52cc19eeb0d5f77193abf29b702aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2296e09706e65d58e7ab1601d8244c79f6%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22a2223cca-51ef-40d9-b2ea-94fad761cd29%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715141351.1.0.1715141351.0.0.0; _ga=GA1.1.465517940.1715141352
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:12 GMT
content-type: application/json; charset=UTF-8
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gj06aJLOowCES3JGtlLq0%2F5T64slk5emDDvhZnxsTzmGprCkg1UKJwFdtzudmu3P8cIymelVDs4600N5s4o4PAFQ5N0U0v26yunbaOF6fkGQULYVFy9ALaYYVQ1MaeXOLlrzRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880697ca3dcab4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-e625189b.js

172.67.186.1

200 OK

3.2 kB

URL GET HTTP/3
flaredownload.com/assets/hl-e625189b.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JavaScript source, ASCII text, with very long lines (3248), with no line terminators
Size
3.2 kB (3167 bytes)
Hash
3760a138899b9cdc2ae817843b8b8c31
45befab9c698b30bbb5d71004f6914f3e4736ac1
69338ec34741d6ccbceee41cb706c4a4f9e3639f1a5919f5b31bc4ee94de4ce8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-e625189b.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-016c1a2d.js
Cookie: visitInfo::7748=c54c8c603c13a4a0b0489ebd3bac66976c3c52cc19eeb0d5f77193abf29b702aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2296e09706e65d58e7ab1601d8244c79f6%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22a2223cca-51ef-40d9-b2ea-94fad761cd29%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:11 GMT
content-type: application/javascript
last-modified: Tue, 07 May 2024 08:31:31 GMT
etag: W/"6639e6e3-c5f"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f59C6NiRllFr0rCFl0sQEJlvl9a4%2F%2FRLx5CPZhFwtSlnFJUPtoMG2e2S288iT%2F4mH400pHP6LDHQqqZSpUNrT9Wa3KLblzv1JLC2kUWJ7dCWRCWCVis0%2BPxwokfBY1%2BpCMds8avLcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 880697c5bb7bb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-b598c105.js

172.67.186.1

200 OK

561 B

URL GET HTTP/3
flaredownload.com/assets/hl-b598c105.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (583), with no line terminators
Size
561 B (561 bytes)
Hash
1c5420b82de453f328768c16de244375
d12a9703fd07aa35f70c185faa342615897616cc
a1523fc0fa22a170f10c74e4cd3a20381ef4497bda9dec7a77afaa9c84d25da0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-b598c105.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-af68a598.js
Cookie: visitInfo::7748=c54c8c603c13a4a0b0489ebd3bac66976c3c52cc19eeb0d5f77193abf29b702aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2296e09706e65d58e7ab1601d8244c79f6%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22a2223cca-51ef-40d9-b2ea-94fad761cd29%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715141351.1.0.1715141351.0.0.0; _ga=GA1.1.465517940.1715141352
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=562
access-control-allow-origin: *
etag: W/"6639e6e3-232"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XzExy%2BymlhGJXzhanlEc5mxSXfY6525VqgBb%2BJcDbQQ4nSfW7WFMxWF6lb3hoQBNbUuXUPFhAaIsVGUbBBCNyLukBTduquivBSng8iOin2FMASKA%2B9nQgazSngmFVI5UAme0%2Bbqm%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 880697c9dd69b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-4f13edc9.js

172.67.186.1

200 OK

426 B

URL GET HTTP/3
flaredownload.com/assets/hl-4f13edc9.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (456), with no line terminators
Size
426 B (426 bytes)
Hash
020a4180e14c31ebd748c5b02afaabf4
60d4904d7695cf40b7e4ee9508158ddb9e9c2add
92139ca312a5f90123e0a4c10c1b10d2514700b426c761f41dcc37253bd26ed5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-4f13edc9.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-af68a598.js
Cookie: visitInfo::7748=c54c8c603c13a4a0b0489ebd3bac66976c3c52cc19eeb0d5f77193abf29b702aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2296e09706e65d58e7ab1601d8244c79f6%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22a2223cca-51ef-40d9-b2ea-94fad761cd29%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715141351.1.0.1715141351.0.0.0; _ga=GA1.1.465517940.1715141352
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=427
access-control-allow-origin: *
etag: W/"6639e6e3-1ab"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bc1mFCahq7CKoPHBGp2pQ8yIzu7M9QW9m0gaW4stDd8%2FRAwqQ6vpEjYAN6Eu2X%2FaPI4uDokFRlNIWV6VyDJPXzFmPiNrNV6hm7A3VBPfZiKVr672hWCt%2FC%2B9Qr%2BxbDSJ%2BtQNPEjn6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 880697c9dd6db4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-346b376b.js

172.67.186.1

200 OK

1.9 kB

URL GET HTTP/3
flaredownload.com/assets/hl-346b376b.js
IP
172.67.186.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=a2223cca-51ef-40d9-b2ea-94fad761cd29&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=72KeystoManifestation:AnAncientPathofaModern-dayAlchemist&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JavaScript source, ASCII text, with very long lines (1960), with no line terminators
Size
1.9 kB (1922 bytes)
Hash
e7731485a49d3b18ab73c2efd5132cbb
983a86196a2657a6e6e730e55f4c771afa23c1c1
b62fedde63fd2481efaf838bec545e9ca1b4e97819ab30853a1b385f2c39586b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-346b376b.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-76eb7d98.js
Cookie: visitInfo::7748=c54c8c603c13a4a0b0489ebd3bac66976c3c52cc19eeb0d5f77193abf29b702aa%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2296e09706e65d58e7ab1601d8244c79f6%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22a2223cca-51ef-40d9-b2ea-94fad761cd29%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715141351.1.0.1715141351.0.0.0; _ga=GA1.1.465517940.1715141352
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 04:09:12 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1923
access-control-allow-origin: *
etag: W/"6639e6e3-783"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H53PD%2BetlHbN03%2BZeMSVCJWIthXLCHYVGcfrtGDX6%2FZWd9mXwJliptEhMbjlLfEnuXRy5rcaQk%2B7tqmz9KmWwgjWs85e9JghkaclN1hm0IxI7WNos9UQGYl3mKUWBqrFr1v9jgB3GQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 880697cafe76b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (25)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML