Report - go.bluelinknow.com/t/clk?id=6XHa797TmwfYQRhr&s1=6636e630f1e7630001fb6cab&s2=0909c0fd&s8=The%20New%20Human%20Revolution,%20vol.%2021&rl=XD2v&redirect-from=qMHYEQETLvuvMGuY&rcode=R02&rseq=R02

Report Overview

Submitted URL
go.bluelinknow.com/t/clk?id=6XHa797TmwfYQRhr&s1=6636e630f1e7630001fb6cab&s2=0909c0fd&s8=The%20New%20Human%20Revolution,%20vol.%2021&rl=XD2v&redirect-from=qMHYEQETLvuvMGuY&rcode=R02&rseq=R02
IP
34.199.31.32
ASN
#14618 AMAZON-AES
Submitted
2024-05-05 03:11:35
Access
public
Website Title
Unlock your favorite content now!
Final URL
flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
86

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
go.bluelinknow.com	unknown	2021-03-08	2021-07-12	2024-03-18	1.4 kB	1.5 kB	34.199.31.32
flaredownload.com	unknown	2024-01-18	2024-01-19	2024-04-18	36 kB	492 kB	104.21.19.111
secureanalytic.com	13422	2019-05-02	2015-12-31	2024-05-03	447 B	9.3 kB	104.21.77.48
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-03	883 B	299 kB	142.250.74.168
event.secureanalytic.com	30491	2019-05-02	2021-07-14	2024-05-04	1.1 kB	3.2 kB	104.21.77.48
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-04	446 B	9.4 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed
2024-05-05	medium	flaredownload.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (25)

	URL	Size	First Seen	Last Seen
	flaredownload.com/en_us/sandbox%20eval%20code	147 B	2023-04-11	2024-05-18
Pretty URL flaredownload.com/en_us/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-18 17:48:53 Times Seen350342 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	unknown	162 B	2024-04-06	2024-05-17
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-06 17:32:25 Last Seen2024-05-17 23:23:18 Times Seen25 Hash e193bf714b31c897879cd92880a395e0 723115770c90558282dee4dbcfde3175c2a30a1f e0ab77eab014566a6194727273a32d9d4586baf3ab126564e0d30ed4a8c53db3 Loading...

	flaredownload.com/assets/hl-b2285d0c.js	418 B	2024-04-30	2024-05-07
Pretty URL flaredownload.com/assets/hl-b2285d0c.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-30 15:16:16 Last Seen2024-05-07 09:45:28 Times Seen87 Hash e04fab019b3ffc66a89c9e965dea3c7f f5ef2fc1217f8db227a465dc623b807d100703fc 077eca1fc357bc9c2d6b933f6a33a1adbff1068109fb52a27a140ef4f4530cc8 Loading...

	flaredownload.com/assets/hl-9b82fb7e.js	4.8 kB	2024-04-30	2024-05-07
Pretty URL flaredownload.com/assets/hl-9b82fb7e.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-30 15:16:15 Last Seen2024-05-07 09:45:28 Times Seen95 Hash 737adc24f1ad958f56cebb57886fe4f2 ccf17e31a365c676ace9c1d5bba2d817136cca8a 61c8151311a12f8f05014d2af7ad8fd6a0e6fae148a346213150845f187afdf9 Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-18
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-18 17:48:53 Times Seen349828 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	flaredownload.com/assets/hl-e23d783b.js	1.9 kB	2024-04-30	2024-05-05
Pretty URL flaredownload.com/assets/hl-e23d783b.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-30 15:16:15 Last Seen2024-05-05 19:35:20 Times Seen28 Hash 36f589520a75fc40147713ec23bdd82b b0f0f0b43ffa0388561a8670591e4a656e66169d eeca14b6169a558b5b5e618ecddae6eb2de4aeb8a90077795ab183960a2b1593 Loading...

	flaredownload.com/assets/hl-a4d1bde7.js	616 B	2024-04-30	2024-05-07
Pretty URL flaredownload.com/assets/hl-a4d1bde7.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-30 15:16:16 Last Seen2024-05-07 09:45:28 Times Seen73 Hash d8ea30018e0da74ad761ec9316f8f453 d043c4f9f1a74d79fa8d31804db780a30334bf57 d8f8f3a67399e639be2e02d80bc69ed925d292bcda9df7aed5542efcf8c64b12 Loading...

	flaredownload.com/assets/hl-cecfe82c.js	3.2 kB	2024-04-30	2024-05-07
Pretty URL flaredownload.com/assets/hl-cecfe82c.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-30 15:16:15 Last Seen2024-05-07 09:45:28 Times Seen70 Hash c87c14cd6f3ce86da2fb0b3ba023ac56 0fe4b7972f7f3c6d315f71b3a0d01ac0afb96b72 acc6f4129ed26087050eff4a23516f973acba7650dbf82314e4468176b5becdd Loading...

	secureanalytic.com/scripts/push/script/02eyoyxdkz?url=flaredownload.com	8.1 kB	2024-05-02	2024-05-18
Pretty URL secureanalytic.com/scripts/push/script/02eyoyxdkz?url=flaredownload.com IP 104.21.77.48 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 23:53:13 Last Seen2024-05-18 01:31:40 Times Seen75 Hash f0fab3cc04750bba62119045aad0cca4 c4bac1f34757d7d9553b0f9d23b1d419e908e62e 4590979b3d0fa22e8974e8b9d80124d0f02b6accbb154ff6e9c67b59e9fcf2c6 Loading...

	www.googletagmanager.com/gtag/js?id=UA-195162716-6	208 kB	2024-05-05	2024-05-05
Pretty URL www.googletagmanager.com/gtag/js?id=UA-195162716-6 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 05:11:36 Last Seen2024-05-05 05:11:37 Times Seen2 Hash bab419e312844e3e7db8e44f7cea17de 4761ffb1b11165c8b8b20da3e5af4335c8607243 14d522bba4f14dc2e7fee87b67ba6d17d1435265e5c23817f4cdde7494f6b8cb Loading...

	flaredownload.com/assets/hl-4f383950.js	561 B	2024-04-30	2024-05-07
Pretty URL flaredownload.com/assets/hl-4f383950.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-30 15:16:16 Last Seen2024-05-07 09:45:28 Times Seen96 Hash 3ffc3476cff6cca96cb96876f8b67d96 86cf88d21b81051f6e1da044c3b7867ffff617ea 38b6ba19a3c3455aba80b3198455d48ce70dff2b5eac2c05c0361cd737d81d8a Loading...

	flaredownload.com/assets/hl-1ce00f64.js	1.3 kB	2024-04-30	2024-05-07
Pretty URL flaredownload.com/assets/hl-1ce00f64.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-30 15:16:16 Last Seen2024-05-07 09:45:19 Times Seen67 Hash 78a9504a05183785e2753cdfd3cd1f8c fd82ab2cfb812608e8f23df024f29e2e19395824 e91c3fd916da5ff8e1d06b75bf67745fc2865edddfdec054d68339eb816d4186 Loading...

	flaredownload.com/assets/hl-35a77ba0.js	72 kB	2024-04-18	2024-05-18
Pretty URL flaredownload.com/assets/hl-35a77ba0.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-18 12:16:42 Last Seen2024-05-18 01:31:40 Times Seen180 Hash f87da472e47dc575b6cb8dc377d18916 bff262654ae71f3be0a658cfbe5a53c787c05d55 5c38207c92f3650eaef6616521c8b1e0a03ceb384030f1c2b67cb75e25925ca8 Loading...

	flaredownload.com/assets/hl-de833af9.js	690 B	2023-11-04	2024-05-18
Pretty URL flaredownload.com/assets/hl-de833af9.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2023-11-04 19:20:12 Last Seen2024-05-18 01:31:40 Times Seen180 Hash 07f4201d4f772dc3825f3399bb217552 e70c0af48037b02ab9ea515952b889f9eb7bcdb1 5103bcdb5637c56d4a70564479cef8e07ec2d3f00620b428cdb36c28c430d906 Loading...

	flaredownload.com/assets/hl-5c2cfe2f.js	6.1 kB	2024-04-30	2024-05-07
Pretty URL flaredownload.com/assets/hl-5c2cfe2f.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-30 15:16:16 Last Seen2024-05-07 09:45:28 Times Seen98 Hash 1688ac06cc894985a8a82aee191cba8c b26ccd34be5c0a5c6b31d01e272af637302189c4 cdef597b7b8f1cb9114a5a5929e21ce2201dbe7230717b3a759b93b674cd7a9a Loading...

	flaredownload.com/assets/hl-cb0a5a8f.js	779 B	2024-04-30	2024-05-07
Pretty URL flaredownload.com/assets/hl-cb0a5a8f.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-30 15:16:16 Last Seen2024-05-07 09:45:28 Times Seen84 Hash 907173b9fd8b43cc2f410c95205ae736 fc7244501458e3e52756b9b63d3c69261a896cc1 319cf4c29a8e27a45fd11d1069c65991071dc10bf4d2107be22ef5d668161205 Loading...

	flaredownload.com/assets/hl-08811a43.js	1.9 kB	2024-04-30	2024-05-07
Pretty URL flaredownload.com/assets/hl-08811a43.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-30 15:16:16 Last Seen2024-05-07 09:45:28 Times Seen73 Hash b3cc658ff9142451c0996b8387b9d0a8 e3c6e04ce8075674ff655e2c40972357de28b831 452f2f0c2d36818e3fef0ce6f98c9bcbf9a04430f36bb20128c46b402f0dd401 Loading...

	flaredownload.com/assets/hl-d9848c4e.js	266 kB	2024-04-30	2024-05-07
Pretty URL flaredownload.com/assets/hl-d9848c4e.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-30 15:16:15 Last Seen2024-05-07 09:45:28 Times Seen154 Hash bc391c99295126181f9f7d4f7df0a3a7 26cdaa77397971dfdcec4ea470232af8a75ccee5 887814e7c041b00843e836ce38cbd9a0815681b9e8f26dc4c35f218484b91c06 Loading...

	flaredownload.com/assets/hl-edb2da2a.js	1.4 kB	2024-04-18	2024-05-18
Pretty URL flaredownload.com/assets/hl-edb2da2a.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-18 12:16:43 Last Seen2024-05-18 01:31:40 Times Seen167 Hash 0fb9d8a5fba7f6a569da52896f965ea3 6e57202028341c2674083acf9e428817c6725c6c 30137b4b0317a40d0c195fff2b2cd054bb39adf2fb94d357f269cb36e3c11581 Loading...

	www.googletagmanager.com/gtag/js?id=G-CK9NSGSVJF&l=dataLayer&cx=c	254 kB	2024-05-05	2024-05-05
Pretty URL www.googletagmanager.com/gtag/js?id=G-CK9NSGSVJF&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-05 05:11:37 Last Seen2024-05-05 05:11:37 Times Seen2 Hash 84de809374027a5196e06ca5b2d568cc 7888d1039b1803182a59404c1358be2c0bbec0e2 b894eda35107dca5ce7423740dd2431adf5f58b14cd0c9657b1daf4019b7fa4a Loading...

	flaredownload.com/assets/hl-10019e0a.js	915 B	2024-04-30	2024-05-07
Pretty URL flaredownload.com/assets/hl-10019e0a.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-30 15:16:16 Last Seen2024-05-07 09:45:28 Times Seen84 Hash 1e3a1a6723609eeef1ca18aec31ede1d 405b4e4497e97405e5995f09124499ac81fac9e9 bf2961388d2f4dfc52a8de4cb9c8950391e67b7663f19816825b4e94045096b3 Loading...

	flaredownload.com/assets/hl-02495a6a.js	426 B	2024-04-30	2024-05-05
Pretty URL flaredownload.com/assets/hl-02495a6a.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-30 15:16:16 Last Seen2024-05-05 19:35:20 Times Seen27 Hash 912f59657d54aba299034bb96afd55e1 040acac319733a336483c2ad127ad94639d0246d c0457067e0eacfe454c88e82080674c81fdd3f57bc9eb515efa18aa17870cee2 Loading...

	flaredownload.com/assets/hl-0b0bf188.js	360 B	2024-04-30	2024-05-05
Pretty URL flaredownload.com/assets/hl-0b0bf188.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-30 15:16:16 Last Seen2024-05-05 19:35:20 Times Seen26 Hash 96de889f939ba92725dcd6509ce3a39e c20d3f7ad0871f253b67d8da84fe39b8c73d3c68 803c41be01289bc55301a91007de053c3a90ca4fa4b1cda8c9a7d22141eff9f4 Loading...

	flaredownload.com/assets/hl-c19e0283.js	2.8 kB	2024-04-30	2024-05-07
Pretty URL flaredownload.com/assets/hl-c19e0283.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-30 15:16:16 Last Seen2024-05-07 09:45:28 Times Seen87 Hash 5364ad1b0f5b59fcd9c02c0f3c957dce 30091f623e0d4fd19a4263939921801b8496747b bd801f4af0ece9b9292c0495cc3a14f03300f644b4eb3136ecc189f7de838762 Loading...

	flaredownload.com/assets/hl-6f73767e.js	1.3 kB	2024-04-30	2024-05-05
Pretty URL flaredownload.com/assets/hl-6f73767e.js IP 104.21.19.111 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-30 15:16:15 Last Seen2024-05-05 19:35:20 Times Seen30 Hash 5168e2bd6ea61c61ffc85070695db0a0 015634c336e6b853b1459cc2f915cf32286d966d bc6e2004c6005453b32fa7483ca27faf09c39e08c6c64be3642bd58dd864541d Loading...

HTTP Transactions (51)

URL IP Response Size

go.bluelinknow.com/t/clk?id=6XHa797TmwfYQRhr&s1=6636e630f1e7630001fb6cab&s2=0909c0fd&s8=The%20New%20Human%20Revolution,%20vol.%2021&rl=XD2v&redirect-from=qMHYEQETLvuvMGuY&rcode=R02&rseq=R02

34.199.31.32

302 Found

0 B

URL User Request GET HTTP/2
go.bluelinknow.com/t/clk?id=6XHa797TmwfYQRhr&s1=6636e630f1e7630001fb6cab&s2=0909c0fd&s8=The%20New%20Human%20Revolution,%20vol.%2021&rl=XD2v&redirect-from=qMHYEQETLvuvMGuY&rcode=R02&rseq=R02
IP
34.199.31.32:443
ASN
#14618 AMAZON-AES

Certificate
IssuerAmazon
Subject*.redlinknow.com
Fingerprint79:82:ED:1B:55:67:44:54:B9:21:32:61:9D:61:C9:1A:2F:AF:97:76
ValiditySun, 17 Dec 2023 00:00:00 GMT - Tue, 14 Jan 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /t/clk?id=6XHa797TmwfYQRhr&s1=6636e630f1e7630001fb6cab&s2=0909c0fd&s8=The%20New%20Human%20Revolution,%20vol.%2021&rl=XD2v&redirect-from=qMHYEQETLvuvMGuY&rcode=R02&rseq=R02 HTTP/1.1
Host: go.bluelinknow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sun, 05 May 2024 03:11:09 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://go.bluelinknow.com/t/clk?id=l7HRkLkUB4HXBdC0&s1=6636e630f1e7630001fb6cab&s2=0909c0fd&s8=The%20New%20Human%20Revolution,%20vol.%2021&rl=v2ryiWXy&redirect-from=qMHYEQETLvuvMGuY&rcode=R02&rseq=R02,R02
server: nginx/1.14.2
cache-control: no-transform
x-frame-options: SAMEORIGIN
vary: Accept-Language, Cookie, Origin
content-language: en
set-cookie: ydt_a31a0322edef4efaa328c3e667d70925="[]:1s3SHN:hWjJnmgzUJ0qQsbvmLmtNuVaqqI"; expires=Tue, 04 Jun 2024 05:11:09 GMT; Max-Age=2599200; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2

go.bluelinknow.com/t/clk?id=l7HRkLkUB4HXBdC0&s1=6636e630f1e7630001fb6cab&s2=0909c0fd&s8=The%20New%20Human%20Revolution,%20vol.%2021&rl=v2ryiWXy&redirect-from=qMHYEQETLvuvMGuY&rcode=R02&rseq=R02,R02

34.199.31.32

302 Found

0 B

URL User Request GET HTTP/2
go.bluelinknow.com/t/clk?id=l7HRkLkUB4HXBdC0&s1=6636e630f1e7630001fb6cab&s2=0909c0fd&s8=The%20New%20Human%20Revolution,%20vol.%2021&rl=v2ryiWXy&redirect-from=qMHYEQETLvuvMGuY&rcode=R02&rseq=R02,R02
IP
34.199.31.32:443
ASN
#14618 AMAZON-AES

Certificate
IssuerAmazon
Subject*.redlinknow.com
Fingerprint79:82:ED:1B:55:67:44:54:B9:21:32:61:9D:61:C9:1A:2F:AF:97:76
ValiditySun, 17 Dec 2023 00:00:00 GMT - Tue, 14 Jan 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /t/clk?id=l7HRkLkUB4HXBdC0&s1=6636e630f1e7630001fb6cab&s2=0909c0fd&s8=The%20New%20Human%20Revolution,%20vol.%2021&rl=v2ryiWXy&redirect-from=qMHYEQETLvuvMGuY&rcode=R02&rseq=R02,R02 HTTP/1.1
Host: go.bluelinknow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ydt_a31a0322edef4efaa328c3e667d70925="[]:1s3SHN:hWjJnmgzUJ0qQsbvmLmtNuVaqqI"
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Sun, 05 May 2024 03:11:09 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
server: nginx/1.14.2
cache-control: no-transform
x-frame-options: SAMEORIGIN
vary: Accept-Language, Cookie, Origin
content-language: en
set-cookie: uip="[\"4y8OKe\"\054 {\"raep\": \"zveG9JV\"}]:1s3SHN:4n4kgvJHo2TOUrruq8qeqsvLTLE"; expires=Tue, 04 Jun 2024 03:11:09 GMT; Max-Age=2592000; Path=/
ydt_a31a0322edef4efaa328c3e667d70925="[\"47992364-2729-416e-be90-83d893238bb5\"]:1s3SHN:CKeQj4hKKFOqMwqvqV2yotyHYEc"; expires=Tue, 04 Jun 2024 05:11:09 GMT; Max-Age=2599200; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2

flaredownload.com/assets/hl-1ce00f64.js

104.21.19.111

200 OK

3.3 kB

URL GET HTTP/3
flaredownload.com/assets/hl-1ce00f64.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (305)
Size
3.3 kB (3280 bytes)
Hash
78a9504a05183785e2753cdfd3cd1f8c
fd82ab2cfb812608e8f23df024f29e2e19395824
e91c3fd916da5ff8e1d06b75bf67745fc2865edddfdec054d68339eb816d4186

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-1ce00f64.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1286
access-control-allow-origin: *
etag: W/"6630d038-506"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZnRFkhM9pvtCaC8IVeB8Tx69a1Y8i0szs1zDKa8HTOfyTMNlKd5wb3Mp32dksJVmwsU9ygrSCoyZeKULuDRdaRAmuX4ZXB3tMxh5iUw4gK6hRsj4fWCaA5pp2PKm1Gpkd%2F6Pfa5c4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87ed8aaa0f1156ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

secureanalytic.com/scripts/push/script/02eyoyxdkz?url=flaredownload.com

104.21.77.48

200 OK

7.9 kB

URL GET HTTP/2
secureanalytic.com/scripts/push/script/02eyoyxdkz?url=flaredownload.com
IP
104.21.77.48:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerLet's Encrypt
Subjectsecureanalytic.com
FingerprintE8:56:22:9E:5D:B8:81:BD:9C:20:0E:24:64:BE:C4:CA:4E:D6:C9:63
ValidityFri, 29 Mar 2024 10:27:40 GMT - Thu, 27 Jun 2024 10:27:39 GMT

File type
JavaScript source, ASCII text, with very long lines (8142)
Size
7.9 kB (7942 bytes)
Hash
f0fab3cc04750bba62119045aad0cca4
c4bac1f34757d7d9553b0f9d23b1d419e908e62e
4590979b3d0fa22e8974e8b9d80124d0f02b6accbb154ff6e9c67b59e9fcf2c6

HTTP Headers

GET /scripts/push/script/02eyoyxdkz?url=flaredownload.com HTTP/1.1
Host: secureanalytic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 03:11:10 GMT
content-type: application/javascript;charset=UTF-8
expires: 0
cache-control: max-age=14400, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-cache-status: HIT
age: 5819
last-modified: Sun, 05 May 2024 01:34:11 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3OB7%2BH7vtgRjmLM%2FNpLYvQUZ%2FlquAgJiWXmIeDdSPcfga38%2Fbe4rq8pb7qUIS07yY9q8jQgy1l0UmBplk5sJrCc39cK2ku%2B5hZxrhIFWTq6K1CP7%2B0RXRlyTgY6AmPY1miDXUWc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8aaa8cadb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

flaredownload.com/assets/hl-d9848c4e.js

104.21.19.111

200 OK

97 kB

URL GET HTTP/3
flaredownload.com/assets/hl-d9848c4e.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
97 kB (97142 bytes)
Hash
bc391c99295126181f9f7d4f7df0a3a7
26cdaa77397971dfdcec4ea470232af8a75ccee5
887814e7c041b00843e836ce38cbd9a0815681b9e8f26dc4c35f218484b91c06

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-d9848c4e.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=265778
access-control-allow-origin: *
etag: W/"6630d038-40e32"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AXaYywz%2BD6PkXjYJ1hTc%2FUWzRt5aq5H0gPbX%2Bcw3NMwSzFilbPQIJTQWHQuwAd6qPZEMz2MUK0E5M%2FIHPMZdoCNp%2FobTAb19DO6AUAWvOoZY12iU5zsjDXSxUPRU2Ytkp1qKNjvz0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87ed8aa7de5f56ab-OSL
content-encoding: br

flaredownload.com/assets/hl-1ce00f64.js

104.21.19.111

200 OK

75 kB

URL GET HTTP/3
flaredownload.com/assets/hl-1ce00f64.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (305)
Size
75 kB (75145 bytes)
Hash
78a9504a05183785e2753cdfd3cd1f8c
fd82ab2cfb812608e8f23df024f29e2e19395824
e91c3fd916da5ff8e1d06b75bf67745fc2865edddfdec054d68339eb816d4186

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-1ce00f64.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-d9848c4e.js
Cookie: visitInfo::7748=78195cff8daab7ba0eddc67d76aa73b9276dfcffc9943c5e566dc30431281600a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2226d325303018d72bc56e69d9fe89fa51%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%2247992364-2729-416e-be90-83d893238bb5%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1286
access-control-allow-origin: *
etag: W/"6630d038-506"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZnRFkhM9pvtCaC8IVeB8Tx69a1Y8i0szs1zDKa8HTOfyTMNlKd5wb3Mp32dksJVmwsU9ygrSCoyZeKULuDRdaRAmuX4ZXB3tMxh5iUw4gK6hRsj4fWCaA5pp2PKm1Gpkd%2F6Pfa5c4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87ed8aaa0f1556ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-d98910d4.css

104.21.19.111

200 OK

17 kB

URL GET HTTP/3
flaredownload.com/assets/hl-d98910d4.css
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (65329)
Size
17 kB (17315 bytes)
Hash
a1713c7a8fb53e78bbd5a1c76068791d
c15ca4f1e62bde996f9c72fb4a3e3f584b966741
cd7e4b31039bf939306ab3d38291f59e92069a24744e4b359b557aba0eb5b219

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-d98910d4.css HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Cookie: visitInfo::7748=78195cff8daab7ba0eddc67d76aa73b9276dfcffc9943c5e566dc30431281600a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2226d325303018d72bc56e69d9fe89fa51%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%2247992364-2729-416e-be90-83d893238bb5%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:10 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=77791
access-control-allow-origin: *
etag: W/"6630d038-12fdf"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Br37s1%2BriG%2FM1wp6X%2Fb1qfFdT3zUG3Kbvdm2x58W6Xkp%2F%2B%2B4fvPzSau6HGcM%2FT6eyDH%2BQ24EUTSe9hqirh1j9LAi3RoPULAVtkF65kcTRBOJfuoJr6VW2DqFswMBpQd4%2Fm6qTtnx%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87ed8aaabf5656ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=G-CK9NSGSVJF&l=dataLayer&cx=c

142.250.74.168

200 OK

90 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-CK9NSGSVJF&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
90 kB (89848 bytes)
Hash
84de809374027a5196e06ca5b2d568cc
7888d1039b1803182a59404c1358be2c0bbec0e2
b894eda35107dca5ce7423740dd2431adf5f58b14cd0c9657b1daf4019b7fa4a

HTTP Headers

GET /gtag/js?id=G-CK9NSGSVJF&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 May 2024 03:11:10 GMT
expires: Sun, 05 May 2024 03:11:10 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89848
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

flaredownload.com/assets/hl-10019e0a.js

104.21.19.111

200 OK

1.1 kB

URL GET HTTP/3
flaredownload.com/assets/hl-10019e0a.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (915), with no line terminators
Size
1.1 kB (1066 bytes)
Hash
1e3a1a6723609eeef1ca18aec31ede1d
405b4e4497e97405e5995f09124499ac81fac9e9
bf2961388d2f4dfc52a8de4cb9c8950391e67b7663f19816825b4e94045096b3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-10019e0a.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-0b0bf188.js
Cookie: visitInfo::7748=78195cff8daab7ba0eddc67d76aa73b9276dfcffc9943c5e566dc30431281600a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2226d325303018d72bc56e69d9fe89fa51%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%2247992364-2729-416e-be90-83d893238bb5%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=916
access-control-allow-origin: *
etag: W/"6630d038-394"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xxkkSLAmcA4oxnCGW8DMngCyQ%2BRlS7kyC6fBpa6cInHJarUGC4s1lwZVdLIwzKVfMSsL8IX77uSEi7Od69ySApLoms2kaqSYKNyoPohFq7vwsJJbUxiKq4k3U2s8qPw6NETWF9%2Fpsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 87ed8aad6ffd56ab-OSL
content-encoding: br

flaredownload.com/assets/hl-02495a6a.js

104.21.19.111

200 OK

779 B

URL GET HTTP/3
flaredownload.com/assets/hl-02495a6a.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (426), with no line terminators
Size
779 B (779 bytes)
Hash
912f59657d54aba299034bb96afd55e1
040acac319733a336483c2ad127ad94639d0246d
c0457067e0eacfe454c88e82080674c81fdd3f57bc9eb515efa18aa17870cee2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-02495a6a.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-0b0bf188.js
Cookie: visitInfo::7748=78195cff8daab7ba0eddc67d76aa73b9276dfcffc9943c5e566dc30431281600a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2226d325303018d72bc56e69d9fe89fa51%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%2247992364-2729-416e-be90-83d893238bb5%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=427
access-control-allow-origin: *
etag: W/"6630d038-1ab"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GwLv7JDegq%2FdfSocntJubC3iSev7UDEkKf1GVNSHBAFCEhLv%2Fje6GcLZuHlDF6IZAyiWwwCvgHt2twbdSoMKlfnb9KxOnCZjC%2BZvixY4DR%2FaRLBx%2BnshocHK8ZFpfxfbRmmS7lExnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 87ed8aad7fff56ab-OSL
content-encoding: br

flaredownload.com/assets/hl-e23d783b.js

104.21.19.111

200 OK

6.1 kB

URL GET HTTP/3
flaredownload.com/assets/hl-e23d783b.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (1877), with no line terminators
Size
6.1 kB (6096 bytes)
Hash
36f589520a75fc40147713ec23bdd82b
b0f0f0b43ffa0388561a8670591e4a656e66169d
eeca14b6169a558b5b5e618ecddae6eb2de4aeb8a90077795ab183960a2b1593

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-e23d783b.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1878
access-control-allow-origin: *
etag: W/"6630d038-756"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bHn4rXhS7%2Fk2yaUJ0dkR7a%2FLsNa403gq3RtlmrsJahX6o10Z7XiUX6uU0A8jxVylh1A3deFzMJOT%2FHSfN7xPVunmwLgx9TPKfZg1U60%2F2MP3bPWNpzC%2BFLUO5%2FZ3cSpH6%2FbfFelM4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 87ed8aacafd356ab-OSL
content-encoding: br

flaredownload.com/favicon.ico

104.21.19.111

200 OK

6.4 kB

URL GET HTTP/3
flaredownload.com/favicon.ico
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Size
6.4 kB (6372 bytes)
Hash
1ba2ae710d927f13d483fd5d1e548c9b
c0605efed936ee2600284e6480521d06fa64f872
db74ab0b78338c1f778f8398c45f4103c99aea0e845a3118a7750b4eeafd3445

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:10 GMT
content-type: image/x-icon
last-modified: Wed, 13 Sep 2023 08:04:59 GMT
etag: W/"65016d2b-10be"
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 1701
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qCNDI%2BlJWOBrT3rJH1YCfmkU%2BF%2FyJoYW%2FLrLKYSKgI402gB%2FHy6qC3tjLR3Z6lO56aWYB2Zb9CbYpLohEoYPvUz5Ab6%2FwS3aw8nUmneatvsfxxCS5tmQmJw1FeGluzlMEFblQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ed8aa96eed56ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

event.secureanalytic.com/register/event_log/v9e179lqez

104.21.77.48

200 OK

0 B

URL POST HTTP/2
event.secureanalytic.com/register/event_log/v9e179lqez
IP
104.21.77.48:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerLet's Encrypt
Subjectsecureanalytic.com
FingerprintE8:56:22:9E:5D:B8:81:BD:9C:20:0E:24:64:BE:C4:CA:4E:D6:C9:63
ValidityFri, 29 Mar 2024 10:27:40 GMT - Thu, 27 Jun 2024 10:27:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /register/event_log/v9e179lqez HTTP/1.1
Host: event.secureanalytic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://flaredownload.com/
Origin: https://flaredownload.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 03:11:11 GMT
content-length: 0
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-headers: content-type
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
access-control-allow-methods: POST
x-frame-options: SAMEORIGIN
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
access-control-max-age: 1800
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=owVS8ulYn4BraiD%2BB%2FtmSmeAyUCSrHggTpOgmKikGqT4t%2FLkSfVyttnIhAT4axvCd1ThRfWXaYn4T7HZRapX7VCcqg0nXEs8AM2ujp8%2BvE10BLifXp6wBAslL2YoHVA3bhlZhNpOhWNBAUk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8aab2ba8b50b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

flaredownload.com/prod/images/18e8c55ad549933e62ee40b8c7adbdd0.png

104.21.19.111

200 OK

3.2 kB

URL GET HTTP/3
flaredownload.com/prod/images/18e8c55ad549933e62ee40b8c7adbdd0.png
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
PNG image data, 100 x 100, 8-bit colormap, non-interlaced
Size
3.2 kB (3235 bytes)
Hash
18e8c55ad549933e62ee40b8c7adbdd0
f7bc824a4c70a4babc07b21fcbd413885128e92e
69bec757694a537e73efba217eaca74df87935a063fe5c6a25f22c7e196f6520

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /prod/images/18e8c55ad549933e62ee40b8c7adbdd0.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Cookie: visitInfo::7748=78195cff8daab7ba0eddc67d76aa73b9276dfcffc9943c5e566dc30431281600a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2226d325303018d72bc56e69d9fe89fa51%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%2247992364-2729-416e-be90-83d893238bb5%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1714878670.1.0.1714878670.0.0.0; _ga=GA1.1.975271193.1714878671
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:11 GMT
content-type: image/png
content-length: 3235
last-modified: Mon, 24 Apr 2023 09:10:42 GMT
etag: "64464792-ca3"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FtW6i1x0eJ6HoreNg7BTITNxk4QdaJFVOgdNKHSWjCrSswvyrssE4H2S4LWrnxOcT0YMNZHDU6MkgUvrdh%2BlpJYW7U2Gp75nqJ9msZ8gZkLoa12Kbeb5LQfBP9mWKmIiWR9xJJa9HA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
accept-ranges: bytes
server: cloudflare
cf-ray: 87ed8aae082b56ab-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/prod/images/2f40fa92fce11c340f70807da03ac0b2.png

104.21.19.111

200 OK

971 B

URL GET HTTP/3
flaredownload.com/prod/images/2f40fa92fce11c340f70807da03ac0b2.png
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
PNG image data, 111 x 75, 8-bit colormap, non-interlaced
Size
971 B (971 bytes)
Hash
2f40fa92fce11c340f70807da03ac0b2
89ef777357b185dee8937a3da0983f39f156fb10
44990fb54269fdec9302792e2c01543679151dbfb279e63089e28656884b3794

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /prod/images/2f40fa92fce11c340f70807da03ac0b2.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Cookie: visitInfo::7748=78195cff8daab7ba0eddc67d76aa73b9276dfcffc9943c5e566dc30431281600a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2226d325303018d72bc56e69d9fe89fa51%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%2247992364-2729-416e-be90-83d893238bb5%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1714878670.1.0.1714878670.0.0.0; _ga=GA1.1.975271193.1714878671
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:11 GMT
content-type: image/png
content-length: 971
last-modified: Thu, 13 Jan 2022 13:22:43 GMT
etag: "61e027a3-3cb"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HVXxjRq8LSvj%2FF7sV13cmWWG3O9kt24btWiolaNMOdRIUSYroyhYXzM4mALPZ2Cy3EsZzRBe9M8ISz0xZRUm%2F7EbGQTQTE%2FAIJA58sTZ2KOg5jZPXuMLvUJUOf%2BT4XcQJnMceMKUNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
accept-ranges: bytes
server: cloudflare
cf-ray: 87ed8aae082d56ab-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-41e46faf.woff2

104.21.19.111

200 OK

7.9 kB

URL GET HTTP/3
flaredownload.com/assets/hl-41e46faf.woff2
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7900, version 1.0
Size
7.9 kB (7900 bytes)
Hash
9ed361bba8488aeb2797b82befda20f1
6f80d965a066aff81c0a344d4b7297bd009cc099
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-41e46faf.woff2 HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-78f24724.css
Cookie: visitInfo::7748=78195cff8daab7ba0eddc67d76aa73b9276dfcffc9943c5e566dc30431281600a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2226d325303018d72bc56e69d9fe89fa51%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%2247992364-2729-416e-be90-83d893238bb5%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1714878670.1.0.1714878670.0.0.0; _ga=GA1.1.975271193.1714878671
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:11 GMT
content-type: application/octet-stream
content-length: 7900
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
etag: "6630d038-1edc"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JCATm8SShkCBS3WuyVWphB6xr0soxkY4mq0Kq4PlVtc8wkyRG7sGEB2YmRtj4HgsQCOoiC2dcuwt8WQYh%2BmLt5g%2FaM3%2BBtnjhtUuGNMr3SC8nlNPC4Az6pz6uq7Qg3ogOYU%2FDlwXcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 87ed8aae383b56ab-OSL
alt-svc: h3=":443"; ma=86400

event.secureanalytic.com/register/event_log/v9e179lqez

104.21.77.48

200 OK

0 B

URL POST HTTP/2
event.secureanalytic.com/register/event_log/v9e179lqez
IP
104.21.77.48:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerLet's Encrypt
Subjectsecureanalytic.com
FingerprintE8:56:22:9E:5D:B8:81:BD:9C:20:0E:24:64:BE:C4:CA:4E:D6:C9:63
ValidityFri, 29 Mar 2024 10:27:40 GMT - Thu, 27 Jun 2024 10:27:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /register/event_log/v9e179lqez HTTP/1.1
Host: event.secureanalytic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/
Content-type: application/json
Content-Length: 114
Origin: https://flaredownload.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 05 May 2024 03:11:11 GMT
content-length: 0
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-pushplatformapp-params: 
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
x-frame-options: SAMEORIGIN
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BSf%2BsJ1IYZdeKQibBgnXUsHEzHXXyjk6wuB4If0Ggbj%2FgcPzatQ7iEeZyTfiVxUMv75OG4O3xwvNHZgOmy27g7Z0fI2pcT7IhgYet86oeTVEtoWP7dZtj2oCVAgXf6eYhxJP3guaXgxy1Dg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8aae1d06b50b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

flaredownload.com/assets/hl-b93b9165.woff2

104.21.19.111

200 OK

8.0 kB

URL GET HTTP/3
flaredownload.com/assets/hl-b93b9165.woff2
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7988, version 1.0
Size
8.0 kB (7988 bytes)
Hash
087457026965f98466618a478c4b1b07
00b024ccb35e3694de662d180d6ea7f56de6d654
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-b93b9165.woff2 HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-78f24724.css
Cookie: visitInfo::7748=78195cff8daab7ba0eddc67d76aa73b9276dfcffc9943c5e566dc30431281600a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2226d325303018d72bc56e69d9fe89fa51%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%2247992364-2729-416e-be90-83d893238bb5%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1714878670.1.0.1714878670.0.0.0; _ga=GA1.1.975271193.1714878671
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:11 GMT
content-type: application/octet-stream
content-length: 7988
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
etag: "6630d038-1f34"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MAHZhg0Uro0jOejcWPmh0vo7sRhyhXOYju0iQr0XxNZFFSCrT8205q1ipqc%2F1WkkzMN605uFTl6hVcIzzG5dFZYXPx9jqc5YWfK7vROO3ModF%2Bp32WZIQiFLbW1%2Fgi5IFWi9iJfHoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 87ed8aae283956ab-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/lead/prefill

104.21.19.111

200 OK

9.3 kB

URL POST HTTP/3
flaredownload.com/lead/prefill
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JSON text data
Size
9.3 kB (9293 bytes)
Hash
469b4dc67eee4f13496c7ba2715efb9f
96bd09b7e53a9fea666b2e54004cf249d4bd4e17
58a8c78e450324ab7e738926547a4fefe1a2d59801c07d7c96ba6e48c53d248b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /lead/prefill HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
sentry-trace: f334304bcdaa40d89aa30467ce364e95-94d49aabbed6d510-0
baggage: sentry-environment=production,sentry-public_key=9056b383582c444792eb65c1726488d9,sentry-trace_id=f334304bcdaa40d89aa30467ce364e95,sentry-sample_rate=0.1,sentry-transaction=LandingHome,sentry-sampled=false
Content-Length: 56
Origin: https://flaredownload.com
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Cookie: visitInfo::7748=78195cff8daab7ba0eddc67d76aa73b9276dfcffc9943c5e566dc30431281600a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2226d325303018d72bc56e69d9fe89fa51%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%2247992364-2729-416e-be90-83d893238bb5%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1714878670.1.0.1714878670.0.0.0; _ga=GA1.1.975271193.1714878671
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:11 GMT
content-type: application/json; charset=UTF-8
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nPtUNBfoDx2riavlxy4kuDFi73sQObqn%2BD1R20Ifi5BD6zZYA0E861rQ1m3V%2F%2Be1E4U59imwEVshvu3u%2BEFy6EE%2BQxciHuK8tM%2BbzGMJOEBw0%2FKyMUj0mP%2B8TutHOpuDi8n8qw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8aade81b56ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-02495a6a.js

104.21.19.111

200 OK

6.0 kB

URL GET HTTP/3
flaredownload.com/assets/hl-02495a6a.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (426), with no line terminators
Size
6.0 kB (5979 bytes)
Hash
912f59657d54aba299034bb96afd55e1
040acac319733a336483c2ad127ad94639d0246d
c0457067e0eacfe454c88e82080674c81fdd3f57bc9eb515efa18aa17870cee2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-02495a6a.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=427
access-control-allow-origin: *
etag: W/"6630d038-1ab"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GwLv7JDegq%2FdfSocntJubC3iSev7UDEkKf1GVNSHBAFCEhLv%2Fje6GcLZuHlDF6IZAyiWwwCvgHt2twbdSoMKlfnb9KxOnCZjC%2BZvixY4DR%2FaRLBx%2BnshocHK8ZFpfxfbRmmS7lExnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 87ed8aacafd956ab-OSL
content-encoding: br

flaredownload.com/assets/hl-0b0bf188.js

104.21.19.111

200 OK

4.3 kB

URL GET HTTP/3
flaredownload.com/assets/hl-0b0bf188.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (360), with no line terminators
Size
4.3 kB (4270 bytes)
Hash
96de889f939ba92725dcd6509ce3a39e
c20d3f7ad0871f253b67d8da84fe39b8c73d3c68
803c41be01289bc55301a91007de053c3a90ca4fa4b1cda8c9a7d22141eff9f4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-0b0bf188.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=361
access-control-allow-origin: *
etag: W/"6630d038-169"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F83bJvzvcyJgkJ6fbkKUXt%2FgEFGoMnnFoZTZvQJXSEb8RbPTTN2GG080hxNcEjoAex5v2v5u9gHMtFyIpldvqCMYQRPRtkPpBPwB0ootraMXkLAmX%2Fys18uvMoqnb5F0J9vzfRa5Hw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 87ed8aac9fd256ab-OSL
content-encoding: br

flaredownload.com/assets/hl-78f24724.css

104.21.19.111

200 OK

10 kB

URL GET HTTP/3
flaredownload.com/assets/hl-78f24724.css
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (26409), with no line terminators
Size
10 kB (10047 bytes)
Hash
f89cae638a8015aae1089a2222424d0c
2af82acafcc3e922b30bed5dd5516def3003b013
5043dc083072fc72e3ac45b97c961ee95ad1b6ad9d31f5d461dad48e63454371

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-78f24724.css HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Cookie: visitInfo::7748=78195cff8daab7ba0eddc67d76aa73b9276dfcffc9943c5e566dc30431281600a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2226d325303018d72bc56e69d9fe89fa51%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%2247992364-2729-416e-be90-83d893238bb5%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:10 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=26547
access-control-allow-origin: *
etag: W/"6630d038-67b3"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FWBFL2I1d%2BVR9aLN6sPCL9o8cWWI5JDxylfhZJjNibVorE7aCXOtiY%2BoGCt%2BUjwoiwk7qMFLWlzJsTdtiKdfNs8qT7SGBfjQgpF%2BppcU4lpQTLnKSw04W9LJmSQFMyMCvyWS6FIfsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87ed8aac8fc856ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-5c2cfe2f.js

104.21.19.111

200 OK

6.1 kB

URL GET HTTP/3
flaredownload.com/assets/hl-5c2cfe2f.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (6096), with no line terminators
Size
6.1 kB (6095 bytes)
Hash
1688ac06cc894985a8a82aee191cba8c
b26ccd34be5c0a5c6b31d01e272af637302189c4
cdef597b7b8f1cb9114a5a5929e21ce2201dbe7230717b3a759b93b674cd7a9a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-5c2cfe2f.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=6097
access-control-allow-origin: *
etag: W/"6630d038-17d1"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xoO%2BxMgfHJs96M50P0ezNmkd4hbTAijAjb3QH%2Fji%2BYsuZMDgIuG0rtYAB%2BNE2BrUo6vhwUH4SJT6xVkLv8jXDrzPl02ejumkUb7KfXWRp1Ni8%2BjZohwew8vpJHgNDKKVvh4IIwdsmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87ed8aacafd656ab-OSL
content-encoding: br

flaredownload.com/assets/hl-b2285d0c.js

104.21.19.111

200 OK

418 B

URL GET HTTP/3
flaredownload.com/assets/hl-b2285d0c.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (440), with no line terminators
Size
418 B (418 bytes)
Hash
85588ca35855f6b2ae9286b7196feeae
bf251e5fd48bb9b6c73edb97db4c4a836716cc2e
d6b4dba6dff1850017bd0192679ea50a68d766afe6a3ffb9857082a46315e45a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-b2285d0c.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-9b82fb7e.js
Cookie: visitInfo::7748=78195cff8daab7ba0eddc67d76aa73b9276dfcffc9943c5e566dc30431281600a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2226d325303018d72bc56e69d9fe89fa51%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%2247992364-2729-416e-be90-83d893238bb5%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=419
access-control-allow-origin: *
etag: W/"6630d038-1a3"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7QVmyjbIZ2O5K4Lw93daefJhpPophmiRvAhrefWRCr99G8PG%2BLFZNhM39aKvaXp%2B%2BSDTOh%2B9MTAzyNS5MadPak0D1sO9ULMzVit%2FUoa7wtUWvYiF7Sl%2BkKx1rLIMhfxMLzRWiNQ7cw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 87ed8aaa6f3256ab-OSL
content-encoding: br

flaredownload.com/assets/hl-6f73767e.js

104.21.19.111

200 OK

1.3 kB

URL GET HTTP/3
flaredownload.com/assets/hl-6f73767e.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (1339), with no line terminators
Size
1.3 kB (1263 bytes)
Hash
cb8bcdfc3cbfdaa5f45fb4634fd8fdc4
204d0e729a888b5fea330aadc74f95aabfd0c69f
d5c2f3407a8eabf1187c5b62c161252aad65b05c84a3e7392b545b1f0e690349

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-6f73767e.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-9b82fb7e.js
Cookie: visitInfo::7748=78195cff8daab7ba0eddc67d76aa73b9276dfcffc9943c5e566dc30431281600a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2226d325303018d72bc56e69d9fe89fa51%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%2247992364-2729-416e-be90-83d893238bb5%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1264
access-control-allow-origin: *
etag: W/"6630d038-4f0"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LeqJ6AXDVsnEEsJdXOcM0cRD5xtn%2BPQHhZukrBQpNT8EvmpCHrsJLnj0dIaQtSMGEfA1JkxpZ62bPsGr0QU5WVWdugMxcK4NmO0%2FJLhvGv57SAs%2BEE2PAk3SqOdVd661dOIEC9gDOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 87ed8aac6fc056ab-OSL
content-encoding: br

flaredownload.com/assets/hl-c19e0283.js

104.21.19.111

200 OK

2.8 kB

URL GET HTTP/3
flaredownload.com/assets/hl-c19e0283.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JavaScript source, ASCII text, with very long lines (2919), with no line terminators
Size
2.8 kB (2841 bytes)
Hash
8b71a60b5768b9cced21d3a8fea48b9a
772986f0db471c4d8df2d8199cf20e8d1d2d1aea
d00f6a255df62d96cdefa8aa4776e04495761586cc950c94a09d3145109fb783

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-c19e0283.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-5c2cfe2f.js
Cookie: visitInfo::7748=78195cff8daab7ba0eddc67d76aa73b9276dfcffc9943c5e566dc30431281600a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2226d325303018d72bc56e69d9fe89fa51%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%2247992364-2729-416e-be90-83d893238bb5%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1714878670.1.0.1714878670.0.0.0; _ga=GA1.1.975271193.1714878671
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=2842
access-control-allow-origin: *
etag: W/"6630d038-b1a"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bb9UMKdCpLXdtIbecWffDH4BIze9VczAsF9MiXKi%2BfpyObzGpfmMh9H9fgMrhrtDowvP%2FZixmqiX0U8eoTZLssOGGIszWx2VBVevb2kllhRLxO0fBJI%2FD7WQ1X2f5XQPMbivKrwppg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87ed8aae082f56ab-OSL
content-encoding: br

flaredownload.com/assets/hl-9b82fb7e.js

104.21.19.111

200 OK

4.8 kB

URL GET HTTP/3
flaredownload.com/assets/hl-9b82fb7e.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (5067), with no line terminators
Size
4.8 kB (4793 bytes)
Hash
d6a5fd5adbf8c12b0cca48ec179c49a3
a209a4cb9020c5233beaf96ea3aa33d6de7ed3b2
448378f8afda38d2a252bc2c362707b7ceb0ecbf724768ff2de171bdb535fc6a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-9b82fb7e.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=4794
access-control-allow-origin: *
etag: W/"6630d038-12ba"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qUYp8k107CQEzCfBS1RJONM7CXoioGZEEUZTp371cxqYo%2B0NrkECSxtT7O53hX09r6UcUMD2hB6Jmf%2BaO6rI%2FGpFaEmWvgJGMAEUYPLBK85MYAh8XLsWz8TjZ9umOC1fevpIDQE4aA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87ed8aa9ff0d56ab-OSL
content-encoding: br

flaredownload.com/assets/hl-4f383950.js

104.21.19.111

200 OK

561 B

URL GET HTTP/3
flaredownload.com/assets/hl-4f383950.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (583), with no line terminators
Size
561 B (561 bytes)
Hash
ecfa1edea2124a26c0eebe13301df934
7daea65038b70ae4169779de3cb9b371958118fd
c6229eac3f5dffc7af687347ae6e6768c08e8c91c6f1101cec7a31110508c327

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-4f383950.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=562
access-control-allow-origin: *
etag: W/"6630d038-232"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ci6pFPdqu6vera3XCfB9jLUhGQXnyvXzxwdAm9CHYDHOFVgKWkDZvceenLC3pEjH6V%2BSaO7ceiQJvveMw8KMFMrNFKbt%2FtaWmGFUqpFulzsAzjDuQnMkUKb%2BRSpfSj8AsHdIeeqKHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87ed8aacafd456ab-OSL
content-encoding: br

flaredownload.com/assets/hl-de833af9.js

104.21.19.111

200 OK

690 B

URL GET HTTP/3
flaredownload.com/assets/hl-de833af9.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JavaScript source, ASCII text, with very long lines (704), with no line terminators
Size
690 B (690 bytes)
Hash
25a523c7c0658e2bf768f0e26f59fbd8
fdae37e60c01daf3551830ba3639873e313e6495
37c6c8ba37235a274a7739b7021a9ea8104d57dd951ede499d1691f28175fb59

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-de833af9.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-1ce00f64.js
Cookie: visitInfo::7748=78195cff8daab7ba0eddc67d76aa73b9276dfcffc9943c5e566dc30431281600a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2226d325303018d72bc56e69d9fe89fa51%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%2247992364-2729-416e-be90-83d893238bb5%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=691
access-control-allow-origin: *
etag: W/"6630d038-2b3"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sE2wRjcE0eBMndkNipetbxGf4G0H06HS%2B%2Fjsykl0%2BapfAX5z89UA%2B28nlRckqFnRy0KmEhg%2F7tBFQlE74VQOLwWui9GX0r8u1V4y7s%2B2VD2Z0HY2sde175RSjZZbZXQll5QQ4b4Umw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 87ed8aaa7f3a56ab-OSL
content-encoding: br

flaredownload.com/assets/hl-b2285d0c.js

104.21.19.111

200 OK

418 B

URL GET HTTP/3
flaredownload.com/assets/hl-b2285d0c.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (440), with no line terminators
Size
418 B (418 bytes)
Hash
85588ca35855f6b2ae9286b7196feeae
bf251e5fd48bb9b6c73edb97db4c4a836716cc2e
d6b4dba6dff1850017bd0192679ea50a68d766afe6a3ffb9857082a46315e45a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-b2285d0c.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=419
access-control-allow-origin: *
etag: W/"6630d038-1a3"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7QVmyjbIZ2O5K4Lw93daefJhpPophmiRvAhrefWRCr99G8PG%2BLFZNhM39aKvaXp%2B%2BSDTOh%2B9MTAzyNS5MadPak0D1sO9ULMzVit%2FUoa7wtUWvYiF7Sl%2BkKx1rLIMhfxMLzRWiNQ7cw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87ed8aa9ff0e56ab-OSL
content-encoding: br

flaredownload.com/assets/hl-a4d1bde7.js

104.21.19.111

200 OK

616 B

URL GET HTTP/3
flaredownload.com/assets/hl-a4d1bde7.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (636), with no line terminators
Size
616 B (616 bytes)
Hash
d64c13ef8009002b5acd79f4a90c7cd1
68dfd81e5e5543166f4855b3f26001601ff20861
60858ca0dc0ac6d0cbe762fd28432b53b4832135668792a07932e5d269ef59ba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-a4d1bde7.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-5c2cfe2f.js
Cookie: visitInfo::7748=78195cff8daab7ba0eddc67d76aa73b9276dfcffc9943c5e566dc30431281600a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2226d325303018d72bc56e69d9fe89fa51%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%2247992364-2729-416e-be90-83d893238bb5%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1714878670.1.0.1714878670.0.0.0; _ga=GA1.1.975271193.1714878671
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=617
access-control-allow-origin: *
etag: W/"6630d038-269"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jqolbZf5rSd%2BlJpWAqec5UjAi%2FENOz111tj3IqGcJANbv2UCqRX4Xo6r0TtqaX%2BXajewbFZSgBEk7N%2FFXkW25FFjt53KlKmJuu2S%2F%2FIj0uro4J9ZcbGaVrt8TBdvtKs1VV3xGnxPaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87ed8aae083256ab-OSL
content-encoding: br

www.googletagmanager.com/gtag/js?id=UA-195162716-6

142.250.74.168

200 OK

208 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-195162716-6
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
208 kB (207572 bytes)
Hash
bab419e312844e3e7db8e44f7cea17de
4761ffb1b11165c8b8b20da3e5af4335c8607243
14d522bba4f14dc2e7fee87b67ba6d17d1435265e5c23817f4cdde7494f6b8cb

HTTP Headers

GET /gtag/js?id=UA-195162716-6 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 May 2024 03:11:10 GMT
expires: Sun, 05 May 2024 03:11:10 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74602
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

flaredownload.com/assets/hl-a4d1bde7.js

104.21.19.111

200 OK

616 B

URL GET HTTP/3
flaredownload.com/assets/hl-a4d1bde7.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (636), with no line terminators
Size
616 B (616 bytes)
Hash
d64c13ef8009002b5acd79f4a90c7cd1
68dfd81e5e5543166f4855b3f26001601ff20861
60858ca0dc0ac6d0cbe762fd28432b53b4832135668792a07932e5d269ef59ba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-a4d1bde7.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=617
access-control-allow-origin: *
etag: W/"6630d038-269"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jqolbZf5rSd%2BlJpWAqec5UjAi%2FENOz111tj3IqGcJANbv2UCqRX4Xo6r0TtqaX%2BXajewbFZSgBEk7N%2FFXkW25FFjt53KlKmJuu2S%2F%2FIj0uro4J9ZcbGaVrt8TBdvtKs1VV3xGnxPaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87ed8aadf82856ab-OSL
content-encoding: br

flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=

104.21.19.111

200 OK

417 B

URL User Request GET HTTP/2
flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
HTML document, ASCII text, with very long lines (456), with no line terminators
Size
417 B (417 bytes)
Hash
ae40dc35b54c449af1852de26d7c79ec
c94e4c1c6724ac159e3ed648417a20c47139695b
2744f75b5c542db3a30c4bf2e4dc74f8ceba48e2c5d2f98508c06dd2e001f8e3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource= HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 May 2024 03:11:09 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oNXcmAt869mWB%2Fz0MkNpNBNiXo8QiX%2F4ZKCDxwvzsu02i8FPUhjQ1fBqM8r1LyoRCbXs3EUMv6cZXBKbH%2B3yPPMTKPl4KmPZZitt%2BYqShm%2FpZ9C3HmDl0%2BQXa44Mqdk%2FM1FEYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8aa55f5d56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

flaredownload.com/assets/hl-de833af9.js

104.21.19.111

200 OK

690 B

URL GET HTTP/3
flaredownload.com/assets/hl-de833af9.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JavaScript source, ASCII text, with very long lines (704), with no line terminators
Size
690 B (690 bytes)
Hash
25a523c7c0658e2bf768f0e26f59fbd8
fdae37e60c01daf3551830ba3639873e313e6495
37c6c8ba37235a274a7739b7021a9ea8104d57dd951ede499d1691f28175fb59

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-de833af9.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=691
access-control-allow-origin: *
etag: W/"6630d038-2b3"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sE2wRjcE0eBMndkNipetbxGf4G0H06HS%2B%2Fjsykl0%2BapfAX5z89UA%2B28nlRckqFnRy0KmEhg%2F7tBFQlE74VQOLwWui9GX0r8u1V4y7s%2B2VD2Z0HY2sde175RSjZZbZXQll5QQ4b4Umw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87ed8aaa0f1356ab-OSL
content-encoding: br

flaredownload.com/assets/hl-c19e0283.js

104.21.19.111

200 OK

2.8 kB

URL GET HTTP/3
flaredownload.com/assets/hl-c19e0283.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JavaScript source, ASCII text, with very long lines (2919), with no line terminators
Size
2.8 kB (2841 bytes)
Hash
8b71a60b5768b9cced21d3a8fea48b9a
772986f0db471c4d8df2d8199cf20e8d1d2d1aea
d00f6a255df62d96cdefa8aa4776e04495761586cc950c94a09d3145109fb783

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-c19e0283.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=2842
access-control-allow-origin: *
etag: W/"6630d038-b1a"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bb9UMKdCpLXdtIbecWffDH4BIze9VczAsF9MiXKi%2BfpyObzGpfmMh9H9fgMrhrtDowvP%2FZixmqiX0U8eoTZLssOGGIszWx2VBVevb2kllhRLxO0fBJI%2FD7WQ1X2f5XQPMbivKrwppg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87ed8aadf82656ab-OSL
content-encoding: br

flaredownload.com/assets/hl-6f73767e.js

104.21.19.111

200 OK

1.3 kB

URL GET HTTP/3
flaredownload.com/assets/hl-6f73767e.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (1339), with no line terminators
Size
1.3 kB (1263 bytes)
Hash
cb8bcdfc3cbfdaa5f45fb4634fd8fdc4
204d0e729a888b5fea330aadc74f95aabfd0c69f
d5c2f3407a8eabf1187c5b62c161252aad65b05c84a3e7392b545b1f0e690349

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-6f73767e.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1264
access-control-allow-origin: *
etag: W/"6630d038-4f0"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LeqJ6AXDVsnEEsJdXOcM0cRD5xtn%2BPQHhZukrBQpNT8EvmpCHrsJLnj0dIaQtSMGEfA1JkxpZ62bPsGr0QU5WVWdugMxcK4NmO0%2FJLhvGv57SAs%2BEE2PAk3SqOdVd661dOIEC9gDOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87ed8aaacf5956ab-OSL
content-encoding: br

flaredownload.com/prod/images/f4a32eb2e5f203dab4882f7b7581b06e.png

104.21.19.111

200 OK

9.2 kB

URL GET HTTP/3
flaredownload.com/prod/images/f4a32eb2e5f203dab4882f7b7581b06e.png
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
9.2 kB (9232 bytes)
Hash
f4a32eb2e5f203dab4882f7b7581b06e
8d51933205a3ed27c2c6bd0182142d6f8432d929
83ec91fc25549922aa0f873a3dc6a3e71f83d8b8cd75fb018475762be29a894e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /prod/images/f4a32eb2e5f203dab4882f7b7581b06e.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Cookie: visitInfo::7748=78195cff8daab7ba0eddc67d76aa73b9276dfcffc9943c5e566dc30431281600a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2226d325303018d72bc56e69d9fe89fa51%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%2247992364-2729-416e-be90-83d893238bb5%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1714878670.1.0.1714878670.0.0.0; _ga=GA1.1.975271193.1714878671
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:11 GMT
content-type: image/png
content-length: 9232
last-modified: Tue, 03 Aug 2021 15:21:51 GMT
etag: "61095f0f-2410"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nkj8Yhzkz80mEqdX7JqkqkHtkIYRw%2F0JtoU106KLZttVyxnHwzIImp07LjV2WrQBzo%2FRQ1ei22AFHo5%2FvuM3gb4FCglWYPUFIjyayFOxkSeBeKyFm8Fj3nK%2B7mMwKDWlmbX03MtuUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 87ed8aaef87256ab-OSL
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-cb0a5a8f.js

104.21.19.111

200 OK

779 B

URL GET HTTP/3
flaredownload.com/assets/hl-cb0a5a8f.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (821), with no line terminators
Size
779 B (779 bytes)
Hash
f058ffd65de848c85f1c8530f12b2662
e9c93ba580d348525c24b3151dec389e0024c8d0
3dd776711e35db679c1de366efe262f6de9027e36aa19f5703e797a8183f3169

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-cb0a5a8f.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=780
access-control-allow-origin: *
etag: W/"6630d038-30c"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4oB6LD5Uju%2BRo8BpQ6InLQzOI1Wwh3%2FqZrOCzn3HnLf5M0cwE5lBiMxpUx6ULCAMz1L2Rh7cyyrBeUs%2Freww62Yx9oG7Bk2bXzOdAVpL1yfjFECfI2TOD6%2BeJFEY2014piuBP2btYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87ed8aadf82756ab-OSL
content-encoding: br

flaredownload.com/assets/hl-edb2da2a.js

104.21.19.111

200 OK

1.4 kB

URL GET HTTP/3
flaredownload.com/assets/hl-edb2da2a.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JavaScript source, ASCII text, with very long lines (1438), with no line terminators
Size
1.4 kB (1410 bytes)
Hash
862c9cf6fcd7b7f9a63460432c1c4cd4
fd37338a883a89512e82afbc9c5e226b871d4fed
cd09ea827717eb9bf6f24164c61f1c8c8fbf4c41d80b4c9bdf48cefede2e3290

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-edb2da2a.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1413
access-control-allow-origin: *
etag: W/"6630d038-585"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ErS4f%2F0QsBFBq8ErNEZGDAZq3FWlK2Homif0axYbS7ybb8yLsVbg8FUaFthr8eIoz6GIFunFh7KXj4Z4xAlfjDVoJgBD4x%2B0UewXmQRR%2FlMbwRTisaWiWKlnWSfyfd9KdFuce%2FX%2FJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87ed8aaa0f1056ab-OSL
content-encoding: br

fonts.googleapis.com/css?family=Roboto:300,400,500,700

142.250.74.106

200 OK

8.7 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (8956), with no line terminators
Size
8.7 kB (8732 bytes)
Hash
91804c0df51e58b0bf469561e1ac2732
cc5a9023e310b49ef8f8ae32bb89ea774fe116ec
8a8aed46bfb9cdec8e34e76343b7e66796cf09926aef42efdfe5fa8a1fdda8aa

HTTP Headers

GET /css?family=Roboto:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 May 2024 03:11:10 GMT
date: Sun, 05 May 2024 03:11:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

flaredownload.com/assets/hl-4f383950.js

104.21.19.111

200 OK

561 B

URL GET HTTP/3
flaredownload.com/assets/hl-4f383950.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (583), with no line terminators
Size
561 B (561 bytes)
Hash
ecfa1edea2124a26c0eebe13301df934
7daea65038b70ae4169779de3cb9b371958118fd
c6229eac3f5dffc7af687347ae6e6768c08e8c91c6f1101cec7a31110508c327

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-4f383950.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-0b0bf188.js
Cookie: visitInfo::7748=78195cff8daab7ba0eddc67d76aa73b9276dfcffc9943c5e566dc30431281600a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2226d325303018d72bc56e69d9fe89fa51%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%2247992364-2729-416e-be90-83d893238bb5%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=562
access-control-allow-origin: *
etag: W/"6630d038-232"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ci6pFPdqu6vera3XCfB9jLUhGQXnyvXzxwdAm9CHYDHOFVgKWkDZvceenLC3pEjH6V%2BSaO7ceiQJvveMw8KMFMrNFKbt%2FtaWmGFUqpFulzsAzjDuQnMkUKb%2BRSpfSj8AsHdIeeqKHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 87ed8aad6ffc56ab-OSL
content-encoding: br

flaredownload.com/assets/hl-edb2da2a.js

104.21.19.111

200 OK

1.4 kB

URL GET HTTP/3
flaredownload.com/assets/hl-edb2da2a.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JavaScript source, ASCII text, with very long lines (1438), with no line terminators
Size
1.4 kB (1410 bytes)
Hash
862c9cf6fcd7b7f9a63460432c1c4cd4
fd37338a883a89512e82afbc9c5e226b871d4fed
cd09ea827717eb9bf6f24164c61f1c8c8fbf4c41d80b4c9bdf48cefede2e3290

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-edb2da2a.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-9b82fb7e.js
Cookie: visitInfo::7748=78195cff8daab7ba0eddc67d76aa73b9276dfcffc9943c5e566dc30431281600a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2226d325303018d72bc56e69d9fe89fa51%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%2247992364-2729-416e-be90-83d893238bb5%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1413
access-control-allow-origin: *
etag: W/"6630d038-585"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ErS4f%2F0QsBFBq8ErNEZGDAZq3FWlK2Homif0axYbS7ybb8yLsVbg8FUaFthr8eIoz6GIFunFh7KXj4Z4xAlfjDVoJgBD4x%2B0UewXmQRR%2FlMbwRTisaWiWKlnWSfyfd9KdFuce%2FX%2FJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 87ed8aaa7f3756ab-OSL
content-encoding: br

flaredownload.com/visit/get-data?landingId=7748&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The+New+Human+Revolution,+vol.+21&email=&subsource=

104.21.19.111

200 OK

7.4 kB

URL GET HTTP/3
flaredownload.com/visit/get-data?landingId=7748&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The+New+Human+Revolution,+vol.+21&email=&subsource=
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (8013), with no line terminators
Size
7.4 kB (7379 bytes)
Hash
37c8027e773d5ffd58fe72aa1fa2a1fa
ced87573f9bcb96b4057241be2d4ae841669ec12
ddf1a7e3d381ecb2cc0b1757c7a6d8da2a55cfdf6584088abd4b3943752bdcbf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /visit/get-data?landingId=7748&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The+New+Human+Revolution,+vol.+21&email=&subsource= HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
sentry-trace: f334304bcdaa40d89aa30467ce364e95-b1d885285af56e1c-0
baggage: sentry-environment=production,sentry-public_key=9056b383582c444792eb65c1726488d9,sentry-trace_id=f334304bcdaa40d89aa30467ce364e95,sentry-sample_rate=0.1,sentry-sampled=false
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:10 GMT
content-type: application/json; charset=UTF-8
set-cookie: visitInfo::7748=78195cff8daab7ba0eddc67d76aa73b9276dfcffc9943c5e566dc30431281600a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2226d325303018d72bc56e69d9fe89fa51%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%2247992364-2729-416e-be90-83d893238bb5%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; path=/; HttpOnly; SameSite=Lax
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IIb3jgh8OvFVO0QC6X8mgM4D5Bb%2BKG6yIo0p%2FcQuopr1yXOs4EVwoWM9qd%2BMUzlEhFhbXxMOfxSqbDO6QGn0q4lFM04ObcS2CZbl3Q9VUBmcOeKZZKfnTsldL5qWTA9LIbXZWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ed8aa8beb956ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-08811a43.js

104.21.19.111

200 OK

1.9 kB

URL GET HTTP/3
flaredownload.com/assets/hl-08811a43.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JavaScript source, ASCII text, with very long lines (1960), with no line terminators
Size
1.9 kB (1922 bytes)
Hash
2059a24e2092724efa9ff5aab03a5e43
58637450b31f5086b72bb022397cc7130c5b355a
53e7da919f2ca3228b31f8f96d36a19458e378bab35990facbcba8a62b18b7ff

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-08811a43.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1923
access-control-allow-origin: *
etag: W/"6630d038-783"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5yeJK8hwCK70Ljgp9ruqkI3uTQPi4SVhqNxfk46dhuPXfaU6k7hHZuGVFdJ4maCdsHif2t9kp0%2FvFyln8MammmwL8f1HWVuR9R5NpjBgGrt1ISx835Gd2NoMAU2ywUC2wIXXk2UyLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87ed8aae082956ab-OSL
content-encoding: br

flaredownload.com/assets/hl-cb0a5a8f.js

104.21.19.111

200 OK

779 B

URL GET HTTP/3
flaredownload.com/assets/hl-cb0a5a8f.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (821), with no line terminators
Size
779 B (779 bytes)
Hash
f058ffd65de848c85f1c8530f12b2662
e9c93ba580d348525c24b3151dec389e0024c8d0
3dd776711e35db679c1de366efe262f6de9027e36aa19f5703e797a8183f3169

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-cb0a5a8f.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-5c2cfe2f.js
Cookie: visitInfo::7748=78195cff8daab7ba0eddc67d76aa73b9276dfcffc9943c5e566dc30431281600a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2226d325303018d72bc56e69d9fe89fa51%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%2247992364-2729-416e-be90-83d893238bb5%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1714878670.1.0.1714878670.0.0.0; _ga=GA1.1.975271193.1714878671
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=780
access-control-allow-origin: *
etag: W/"6630d038-30c"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4oB6LD5Uju%2BRo8BpQ6InLQzOI1Wwh3%2FqZrOCzn3HnLf5M0cwE5lBiMxpUx6ULCAMz1L2Rh7cyyrBeUs%2Freww62Yx9oG7Bk2bXzOdAVpL1yfjFECfI2TOD6%2BeJFEY2014piuBP2btYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87ed8aae083056ab-OSL
content-encoding: br

flaredownload.com/assets/hl-cecfe82c.js

104.21.19.111

200 OK

3.2 kB

URL GET HTTP/3
flaredownload.com/assets/hl-cecfe82c.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JavaScript source, ASCII text, with very long lines (3246), with no line terminators
Size
3.2 kB (3166 bytes)
Hash
baeaddeb391232a249395c13f7f379b5
3e1199f529c869f163ccaa0354c043190453dda3
ac234644125deb03f142d4cf9dc6d234551a5f3f00bfb7875eaa7ed037971b12

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-cecfe82c.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-d9848c4e.js
Cookie: visitInfo::7748=78195cff8daab7ba0eddc67d76aa73b9276dfcffc9943c5e566dc30431281600a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2226d325303018d72bc56e69d9fe89fa51%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%2247992364-2729-416e-be90-83d893238bb5%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=3167
access-control-allow-origin: *
etag: W/"6630d038-c5f"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6M87wyqlZnxojVpmkSp%2BbxV01ISQC6opKwQi6ctdKIYxBLYDSxksAyybfWdF68tNUNB09PIAjkcvPYwRZuOd5mIh729ev4jFljI9C7gpin7pWa7%2Fa7Tfy6cKcpBoTPxMzXnZWc8igg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87ed8aa9ff0a56ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

flaredownload.com/assets/hl-08811a43.js

104.21.19.111

200 OK

1.9 kB

URL GET HTTP/3
flaredownload.com/assets/hl-08811a43.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
JavaScript source, ASCII text, with very long lines (1960), with no line terminators
Size
1.9 kB (1922 bytes)
Hash
2059a24e2092724efa9ff5aab03a5e43
58637450b31f5086b72bb022397cc7130c5b355a
53e7da919f2ca3228b31f8f96d36a19458e378bab35990facbcba8a62b18b7ff

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-08811a43.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-a4d1bde7.js
Cookie: visitInfo::7748=78195cff8daab7ba0eddc67d76aa73b9276dfcffc9943c5e566dc30431281600a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2226d325303018d72bc56e69d9fe89fa51%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%2247992364-2729-416e-be90-83d893238bb5%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1714878670.1.0.1714878670.0.0.0; _ga=GA1.1.975271193.1714878671
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:11 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1923
access-control-allow-origin: *
etag: W/"6630d038-783"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5yeJK8hwCK70Ljgp9ruqkI3uTQPi4SVhqNxfk46dhuPXfaU6k7hHZuGVFdJ4maCdsHif2t9kp0%2FvFyln8MammmwL8f1HWVuR9R5NpjBgGrt1ISx835Gd2NoMAU2ywUC2wIXXk2UyLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 87ed8aae684a56ab-OSL
content-encoding: br

flaredownload.com/assets/hl-35a77ba0.js

104.21.19.111

200 OK

72 kB

URL GET HTTP/3
flaredownload.com/assets/hl-35a77ba0.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type

Size
72 kB (71682 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-35a77ba0.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-1ce00f64.js
Cookie: visitInfo::7748=78195cff8daab7ba0eddc67d76aa73b9276dfcffc9943c5e566dc30431281600a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2226d325303018d72bc56e69d9fe89fa51%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%2247992364-2729-416e-be90-83d893238bb5%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=72018
access-control-allow-origin: *
etag: W/"6630d038-11952"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ao3GGfl8ETrmKyShZMMI7Ckm%2FqiqYtDBUB0jg2e%2BbyBgMZGg9sj%2FupfVKF4shWTZJZ7J2L7XPPHjARpuVfKE1bxwDBXw%2Ban%2FZHcS8TX4s3dTpPIwUoqBQ9qgiT6HR5tF7JBnPfa1fA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 87ed8aaa7f3956ab-OSL
content-encoding: br

flaredownload.com/assets/hl-35a77ba0.js

104.21.19.111

200 OK

72 kB

URL GET HTTP/3
flaredownload.com/assets/hl-35a77ba0.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type

Size
72 kB (71682 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-35a77ba0.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=72018
access-control-allow-origin: *
etag: W/"6630d038-11952"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ao3GGfl8ETrmKyShZMMI7Ckm%2FqiqYtDBUB0jg2e%2BbyBgMZGg9sj%2FupfVKF4shWTZJZ7J2L7XPPHjARpuVfKE1bxwDBXw%2Ban%2FZHcS8TX4s3dTpPIwUoqBQ9qgiT6HR5tF7JBnPfa1fA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87ed8aaa0f1256ab-OSL
content-encoding: br

flaredownload.com/assets/hl-9b82fb7e.js

104.21.19.111

200 OK

4.8 kB

URL GET HTTP/3
flaredownload.com/assets/hl-9b82fb7e.js
IP
104.21.19.111:443
ASN
#13335 CLOUDFLARENET

Requested by
https://flaredownload.com/en_us/unlock-content-now-1?&subid=47992364-2729-416e-be90-83d893238bb5&networkid=200347&publisher=0909c0fd&isNewTr=1&stream=The%20New%20Human%20Revolution,%20vol.%2021&email=&subsource=&subsource=
Certificate
IssuerGoogle Trust Services LLC
Subjectflaredownload.com
FingerprintA7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
ValidityMon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT

File type
ASCII text, with very long lines (5067), with no line terminators
Size
4.8 kB (4793 bytes)
Hash
d6a5fd5adbf8c12b0cca48ec179c49a3
a209a4cb9020c5233beaf96ea3aa33d6de7ed3b2
448378f8afda38d2a252bc2c362707b7ceb0ecbf724768ff2de171bdb535fc6a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/hl-9b82fb7e.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-d9848c4e.js
Cookie: visitInfo::7748=78195cff8daab7ba0eddc67d76aa73b9276dfcffc9943c5e566dc30431281600a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%2226d325303018d72bc56e69d9fe89fa51%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%220909c0fd%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%2247992364-2729-416e-be90-83d893238bb5%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 May 2024 03:11:10 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=4794
access-control-allow-origin: *
etag: W/"6630d038-12ba"
last-modified: Tue, 30 Apr 2024 11:04:24 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qUYp8k107CQEzCfBS1RJONM7CXoioGZEEUZTp371cxqYo%2B0NrkECSxtT7O53hX09r6UcUMD2hB6Jmf%2BaO6rI%2FGpFaEmWvgJGMAEUYPLBK85MYAh8XLsWz8TjZ9umOC1fevpIDQE4aA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 87ed8aaa0f1456ab-OSL
content-encoding: br

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (25)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL