| flaredownload.com/assets/hl-35a77ba0.js | 104.21.19.111 | 200 OK | 27 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-35a77ba0.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate Issuer: Google Trust Services LLC
Certificate Subject: flaredownload.com
Certificate Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
Certificate Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (37102)
Hash: f87da472e47dc575b6cb8dc377d18916 bff262654ae71f3be0a658cfbe5a53c787c05d55 5c38207c92f3650eaef6616521c8b1e0a03ceb384030f1c2b67cb75e25925ca8
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/hl-35a77ba0.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-1d9299f0.js
Cookie: visitInfo::7748=88821c850a5a99f53d245763013658915247956bddbc8be3206c4ea20a5cb372a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%22748ee9596b9beec4ec2e88e1154a6bc2%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%2228e3e9ad%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22806859c9-35be-4a46-b77a-90a70d571b08%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:03 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=72018
access-control-allow-origin: *
etag: W/"6639e6e3-11952"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lVcE2h2qpwFs%2FBqD%2BbPTM5E%2FdOpI77D2urIhU7e8hxXvfovqFxouIh86RfkUYHzyr0GCbw9rfvQFs7BhNB2BS1zOvshhPu3EgJbxYYUQnvu5hzLq99C0lpoQZWnntMSgmvXBbUCk0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 8801ec458f7d5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/assets/hl-35a77ba0.js | 104.21.19.111 | 200 OK | 102 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-35a77ba0.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate Issuer: Google Trust Services LLC
Certificate Subject: flaredownload.com
Certificate Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
Certificate Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (37102)
Size: 102 kB (102270 bytes)
Hash: f87da472e47dc575b6cb8dc377d18916 bff262654ae71f3be0a658cfbe5a53c787c05d55 5c38207c92f3650eaef6616521c8b1e0a03ceb384030f1c2b67cb75e25925ca8
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/hl-35a77ba0.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:03 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=72018
access-control-allow-origin: *
etag: W/"6639e6e3-11952"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lVcE2h2qpwFs%2FBqD%2BbPTM5E%2FdOpI77D2urIhU7e8hxXvfovqFxouIh86RfkUYHzyr0GCbw9rfvQFs7BhNB2BS1zOvshhPu3EgJbxYYUQnvu5hzLq99C0lpoQZWnntMSgmvXBbUCk0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 8801ec450e685688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/assets/hl-016c1a2d.js | 104.21.19.111 | 200 OK | 184 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-016c1a2d.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate Issuer: Google Trust Services LLC
Certificate Subject: flaredownload.com
Certificate Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
Certificate Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 184 kB (183865 bytes)
Hash: 6f9b2057062a1662be08363e30596a68 f82cded4ee9eecfbc1712e636c6fe4fadc8ec0d1 c00ad680dd0968e24075c04746e1a39be2a69cd9c3a374bae7587fd4d0454d54
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/hl-016c1a2d.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:03 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=266407
access-control-allow-origin: *
etag: W/"6639e6e3-410a7"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sKUpQZzEMsB0n2%2FssSb86%2FhC2sZ%2F39yb9O3g0mueD27aeHHCVwIlSZPJevdbffhqMN3Czth%2BZTmHkax52JM7llhKzbg3uAEKmHdDjaSVTEwZ0G1GNhA7fL2nEYuNswAjjfKqPBVb3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 8801ec45e85b5688-OSL
content-encoding: br
|
|
| flaredownload.com/assets/hl-edb2da2a.js | 104.21.19.111 | 200 OK | 1.2 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-edb2da2a.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate Issuer: Google Trust Services LLC
Certificate Subject: flaredownload.com
Certificate Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
Certificate Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: JavaScript source, ASCII text, with very long lines (1410), with no line terminators
Hash: 0fb9d8a5fba7f6a569da52896f965ea3 6e57202028341c2674083acf9e428817c6725c6c 30137b4b0317a40d0c195fff2b2cd054bb39adf2fb94d357f269cb36e3c11581
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/hl-edb2da2a.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-5d7a8293.js
Cookie: visitInfo::7748=88821c850a5a99f53d245763013658915247956bddbc8be3206c4ea20a5cb372a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%22748ee9596b9beec4ec2e88e1154a6bc2%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%2228e3e9ad%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22806859c9-35be-4a46-b77a-90a70d571b08%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:03 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1413
access-control-allow-origin: *
etag: W/"6639e6e3-585"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QAEv3a1DSorbOMv3h9iyJbmvoq9fqsMG1V3%2Bh%2FlkxxaGfzEeZ8wqt%2BUzvnDwrPArAI26Cp%2BsqbcYitpQKkVzKrLSD8Iw%2BFLfldm8tZo4IM6X%2FehvemVz4bb1W%2FXUL695pxAFmimqYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 8801ec45bfcd5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/assets/hl-af68a598.js | 104.21.19.111 | 200 OK | 9.4 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-af68a598.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate Issuer: Google Trust Services LLC
Certificate Subject: flaredownload.com
Certificate Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
Certificate Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (360), with no line terminators
Hash: 89bbeff1daa0abfe3e0a7441d0d3328a 95f415a997a0348a27d90a9b324515a4e0127202 4ac995e3e83bf5b742f17946d2a2da045974a8f44a97614d7e035f310526ad9d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/hl-af68a598.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-d3953248.js
Cookie: visitInfo::7748=88821c850a5a99f53d245763013658915247956bddbc8be3206c4ea20a5cb372a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%22748ee9596b9beec4ec2e88e1154a6bc2%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%2228e3e9ad%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22806859c9-35be-4a46-b77a-90a70d571b08%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:04 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=361
access-control-allow-origin: *
etag: W/"6639e6e3-169"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yU%2FaKBGUzuhIxsjA8N%2FK8ZULLTMBtKml1UU%2FhWVm%2BZl3uokQP6kMklRaJ9wXbdbiWAKuizEe%2FUytazTzO8lu5UPgasVxlpm0LB%2FV8n7JxyMM6cIv%2BrMUjY2A%2FQfZhA31rUAU6TzoWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 8801ec483d765688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/prod/images/2f40fa92fce11c340f70807da03ac0b2.png | 104.21.19.111 | | 971 B |
URL: GET flaredownload.com/prod/images/2f40fa92fce11c340f70807da03ac0b2.png
IP: 104.21.19.111:0
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate Issuer: Google Trust Services LLC
Certificate Subject: flaredownload.com
Certificate Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
Certificate Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: PNG image data, 111 x 75, 8-bit colormap, non-interlaced
Hash: 2f40fa92fce11c340f70807da03ac0b2 89ef777357b185dee8937a3da0983f39f156fb10 44990fb54269fdec9302792e2c01543679151dbfb279e63089e28656884b3794
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /prod/images/2f40fa92fce11c340f70807da03ac0b2.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Cookie: visitInfo::7748=88821c850a5a99f53d245763013658915247956bddbc8be3206c4ea20a5cb372a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%22748ee9596b9beec4ec2e88e1154a6bc2%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%2228e3e9ad%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22806859c9-35be-4a46-b77a-90a70d571b08%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715092384.1.0.1715092384.0.0.0; _ga=GA1.1.1766386099.1715092384
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:04 GMT
content-type: image/png
content-length: 971
last-modified: Thu, 13 Jan 2022 13:22:43 GMT
etag: "61e027a3-3cb"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HVXxjRq8LSvj%2FF7sV13cmWWG3O9kt24btWiolaNMOdRIUSYroyhYXzM4mALPZ2Cy3EsZzRBe9M8ISz0xZRUm%2F7EbGQTQTE%2FAIJA58sTZ2KOg5jZPXuMLvUJUOf%2BT4XcQJnMceMKUNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
accept-ranges: bytes
server: cloudflare
cf-ray: 8801ec497fd95688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/prod/images/18e8c55ad549933e62ee40b8c7adbdd0.png | 104.21.19.111 | | 3.2 kB |
URL: GET flaredownload.com/prod/images/18e8c55ad549933e62ee40b8c7adbdd0.png
IP: 104.21.19.111:0
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate Issuer: Google Trust Services LLC
Certificate Subject: flaredownload.com
Certificate Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
Certificate Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: PNG image data, 100 x 100, 8-bit colormap, non-interlaced
Hash: 18e8c55ad549933e62ee40b8c7adbdd0 f7bc824a4c70a4babc07b21fcbd413885128e92e 69bec757694a537e73efba217eaca74df87935a063fe5c6a25f22c7e196f6520
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /prod/images/18e8c55ad549933e62ee40b8c7adbdd0.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Cookie: visitInfo::7748=88821c850a5a99f53d245763013658915247956bddbc8be3206c4ea20a5cb372a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%22748ee9596b9beec4ec2e88e1154a6bc2%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%2228e3e9ad%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22806859c9-35be-4a46-b77a-90a70d571b08%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715092384.1.0.1715092384.0.0.0; _ga=GA1.1.1766386099.1715092384
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:04 GMT
content-type: image/png
content-length: 3235
last-modified: Mon, 24 Apr 2023 09:10:42 GMT
etag: "64464792-ca3"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FtW6i1x0eJ6HoreNg7BTITNxk4QdaJFVOgdNKHSWjCrSswvyrssE4H2S4LWrnxOcT0YMNZHDU6MkgUvrdh%2BlpJYW7U2Gp75nqJ9msZ8gZkLoa12Kbeb5LQfBP9mWKmIiWR9xJJa9HA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
accept-ranges: bytes
server: cloudflare
cf-ray: 8801ec497fd55688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/assets/hl-af68a598.js | 104.21.19.111 | 200 OK | 8.2 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-af68a598.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate Issuer: Google Trust Services LLC
Certificate Subject: flaredownload.com
Certificate Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
Certificate Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (360), with no line terminators
Hash: 89bbeff1daa0abfe3e0a7441d0d3328a 95f415a997a0348a27d90a9b324515a4e0127202 4ac995e3e83bf5b742f17946d2a2da045974a8f44a97614d7e035f310526ad9d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/hl-af68a598.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:04 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=361
access-control-allow-origin: *
etag: W/"6639e6e3-169"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yU%2FaKBGUzuhIxsjA8N%2FK8ZULLTMBtKml1UU%2FhWVm%2BZl3uokQP6kMklRaJ9wXbdbiWAKuizEe%2FUytazTzO8lu5UPgasVxlpm0LB%2FV8n7JxyMM6cIv%2BrMUjY2A%2FQfZhA31rUAU6TzoWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 8801ec47ec785688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/assets/hl-df71e98f.js | 104.21.19.111 | 200 OK | 563 B |
URL: GET HTTP/3 flaredownload.com/assets/hl-df71e98f.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate Issuer: Google Trust Services LLC
Certificate Subject: flaredownload.com
Certificate Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
Certificate Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (915), with no line terminators
Hash: 60a5eed01c0dddc43d1759559fd28060 1e925a2e069a52ff67cd312e1fe8fa8f4f6d2fef ac592a8b360e2139a861144c2c666bf0af96809e06e392171549d3ad9c0f3e06
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/hl-df71e98f.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-af68a598.js
Cookie: visitInfo::7748=88821c850a5a99f53d245763013658915247956bddbc8be3206c4ea20a5cb372a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%22748ee9596b9beec4ec2e88e1154a6bc2%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%2228e3e9ad%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22806859c9-35be-4a46-b77a-90a70d571b08%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715092384.1.0.1715092384.0.0.0; _ga=GA1.1.1766386099.1715092384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:04 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=916
access-control-allow-origin: *
etag: W/"6639e6e3-394"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6A4NNQWi1Gkx5oNLe3D227U%2FeDbVMd2LVsv4olRomX82iwFrKM8nupZKBc90qQ6XuuUQRvOUL0tET%2BRR%2FTF3m1oyI8DovAMucEzIoJBipZD12z%2BnHBpaD6GB4xKaoNrPMILqndoxKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 8801ec48ceaa5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/assets/hl-41e46faf.woff2 | 104.21.19.111 | 200 OK | 7.9 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-41e46faf.woff2
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate Issuer: Google Trust Services LLC
Certificate Subject: flaredownload.com
Certificate Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
Certificate Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7900, version 1.0
Hash: 9ed361bba8488aeb2797b82befda20f1 6f80d965a066aff81c0a344d4b7297bd009cc099 41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/hl-41e46faf.woff2 HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-78f24724.css
Cookie: visitInfo::7748=88821c850a5a99f53d245763013658915247956bddbc8be3206c4ea20a5cb372a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%22748ee9596b9beec4ec2e88e1154a6bc2%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%2228e3e9ad%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22806859c9-35be-4a46-b77a-90a70d571b08%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715092384.1.0.1715092384.0.0.0; _ga=GA1.1.1766386099.1715092384
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:04 GMT
content-type: application/octet-stream
content-length: 7900
last-modified: Tue, 07 May 2024 08:31:30 GMT
etag: "6639e6e2-1edc"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ww5PmnDM9QKXNVuwDfYBzIz3MuYkAUfFxZY%2FQEZFC%2BTYJFJhPv6Lw8Q5j1Lj7tvAYwEitngD7okWmhS%2B9ve0Dkq7V2JHjQfrCYzPgUtV%2B3ayMEFp7BKc3DSXMEKP1beGqpKK2aQrlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 8801ec4998115688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/visit/get-data?landingId=7748&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource= | 104.21.19.111 | 200 OK | 11 kB |
URL: GET HTTP/3 flaredownload.com/visit/get-data?landingId=7748&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate Issuer: Google Trust Services LLC
Certificate Subject: flaredownload.com
Certificate Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
Certificate Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
Hash: 53970adedb03373d7d1d06e380889fa5 4e3a5a1e39fc6d8300362102734d653904f68f60 4fb44eea92fdd9d0a3300e0bec4de8e243dcd084bc91dd4302285c78254e378a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /visit/get-data?landingId=7748&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource= HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
sentry-trace: 462fdf9c1b5f4322985261c3839c5494-8c103594f571bf4e-0
baggage: sentry-environment=production,sentry-public_key=9056b383582c444792eb65c1726488d9,sentry-trace_id=462fdf9c1b5f4322985261c3839c5494,sentry-sample_rate=0.1,sentry-sampled=false
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:03 GMT
content-type: application/json; charset=UTF-8
set-cookie: visitInfo::7748=88821c850a5a99f53d245763013658915247956bddbc8be3206c4ea20a5cb372a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%22748ee9596b9beec4ec2e88e1154a6bc2%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%2228e3e9ad%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22806859c9-35be-4a46-b77a-90a70d571b08%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; path=/; HttpOnly; SameSite=Lax
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zQH05s68z1vQmX4u2v97b6%2F6ch1Gd1bF4LOlb0LTU9NitJ64zTdwMX9qE%2BRmuSOMbi799UD29fpdsAaU1EchqmmpeZFQOG5ddw5XTzqiPDI68hbnJvGRmJTNJ9DO7L3MOTl%2BCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8801ec436a3e5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| event.secureanalytic.com/register/event_log/v9e179lqez | 104.21.77.48 | 200 OK | 0 B |
URL: POST HTTP/2 event.secureanalytic.com/register/event_log/v9e179lqez
IP: 104.21.77.48:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate Issuer: Let's Encrypt
Certificate Subject: secureanalytic.com
Certificate Fingerprint: E8:56:22:9E:5D:B8:81:BD:9C:20:0E:24:64:BE:C4:CA:4E:D6:C9:63
Certificate Validity: Fri, 29 Mar 2024 10:27:40 GMT - Thu, 27 Jun 2024 10:27:39 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /register/event_log/v9e179lqez HTTP/1.1
Host: event.secureanalytic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/
Content-type: application/json
Content-Length: 114
Origin: https://flaredownload.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 14:33:04 GMT
content-length: 0
expires: 0
cache-control: no-cache, no-store, max-age=0, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-pushplatformapp-params:
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-pushplatformapp-alert: pushPlatformApp.pushSubscription.deleted
x-frame-options: SAMEORIGIN
access-control-expose-headers: Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-allow-origin: *
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O6spQDGNA%2BPRETuSn9g9qRtvck7SRqhhqHXxc1SqScf9uYGBaa1mTFsGA5xIpepvhSNdAHAFtKcGt28GouybO4ZahI70GKDIw5fUQbgo9V2NTl7K%2Bn9qFigER2dtxPp%2B%2F5HMw6Q01lnYd8s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8801ec4a0f315695-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| flaredownload.com/assets/hl-de833af9.js | 104.21.19.111 | 200 OK | 23 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-de833af9.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate Issuer: Google Trust Services LLC
Certificate Subject: flaredownload.com
Certificate Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
Certificate Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: JavaScript source, ASCII text, with very long lines (690), with no line terminators
Hash: 07f4201d4f772dc3825f3399bb217552 e70c0af48037b02ab9ea515952b889f9eb7bcdb1 5103bcdb5637c56d4a70564479cef8e07ec2d3f00620b428cdb36c28c430d906
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/hl-de833af9.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:03 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=691
access-control-allow-origin: *
etag: W/"6639e6e3-2b3"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d3mVKlAnuASvtCuisUHgZ0W5r4zgrg74eN9nIdDZs8A7LjD2expFpdR9MfDOf%2FkIspGOIxNftZtYpNX%2BCXLwW1JMaqv0smQZESUehuajCjE%2BAuJRg%2FcP%2FHHkZNvu2YUgwaJUws1%2Bmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 8801ec450e6b5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| secureanalytic.com/scripts/push/script/02eyoyxdkz?url=flaredownload.com | 104.21.77.48 | 200 OK | 13 kB |
URL: GET HTTP/2 secureanalytic.com/scripts/push/script/02eyoyxdkz?url=flaredownload.com
IP: 104.21.77.48:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate: Issuer Let's Encrypt; Subject secureanalytic.com; Fingerprint E8:56:22:9E:5D:B8:81:BD:9C:20:0E:24:64:BE:C4:CA:4E:D6:C9:63; Validity Fri, 29 Mar 2024 10:27:40 GMT - Thu, 27 Jun 2024 10:27:39 GMT
File type: JavaScript source, ASCII text, with very long lines (8142)
Hash: f0fab3cc04750bba62119045aad0cca4 c4bac1f34757d7d9553b0f9d23b1d419e908e62e 4590979b3d0fa22e8974e8b9d80124d0f02b6accbb154ff6e9c67b59e9fcf2c6
GET /scripts/push/script/02eyoyxdkz?url=flaredownload.com HTTP/1.1
Host: secureanalytic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 14:33:04 GMT
content-type: application/javascript;charset=UTF-8
expires: 0
cache-control: max-age=14400, must-revalidate
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
content-security-policy: default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff
permissions-policy: camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-cache-status: EXPIRED
last-modified: Tue, 07 May 2024 11:45:30 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2dSSceqp6lbxdmwTwh%2B6ivA%2FnwJcL4O2Z5XeMvznk%2FChYu0KtCWr%2FkmYmk6RnKAmcxVOkqJuVPLAtPdXBZSoK0ngU8GR1KJDzOuBwE3eyNfzNvvu5IzCH6ZqYxBKKZH8cMVUYIc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8801ec457d3e5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| flaredownload.com/assets/hl-449fd3ca.js | 104.21.19.111 | 200 OK | 7.3 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-449fd3ca.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate: Issuer Google Trust Services LLC; Subject flaredownload.com; Fingerprint A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (418), with no line terminators
Hash: a681492b373cf4f95d2121a01c44dfeb ede05f02d805cf75b35f7392d799722031dfa0c8 041691ae588a49650498b9ed5de6641bb9d5f41834c0f3f638c25c40d59796a8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-449fd3ca.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:03 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=419
access-control-allow-origin: *
etag: W/"6639e6e3-1a3"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hyx6VM1o5L0jVFb%2FaLh31GF7ShBXyhoXCvU7IZlkrkg%2FcU3OWkftD0OmTzZHZdOVmJ4A52CliUODcwuHVBmIInx2qJUmacL2w1RTNMjWE8urO8CydRF6%2FRuzxOzJ9PLuWfINE8%2BPdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 8801ec44fe465688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/assets/hl-b598c105.js | 104.21.19.111 | 200 OK | 5.4 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-b598c105.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate: Issuer Google Trust Services LLC; Subject flaredownload.com; Fingerprint A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (561), with no line terminators
Hash: 572a8d2fc6e9403a186c47bc4299d87a 8885cc21801bcca938fb2ed9fea47fca6c27a56a aafbc4631c3ac6344630f7a8b26797f44c3619ec734d9081f5d6c3232d13c834
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-b598c105.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-af68a598.js
Cookie: visitInfo::7748=88821c850a5a99f53d245763013658915247956bddbc8be3206c4ea20a5cb372a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%22748ee9596b9beec4ec2e88e1154a6bc2%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%2228e3e9ad%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22806859c9-35be-4a46-b77a-90a70d571b08%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715092384.1.0.1715092384.0.0.0; _ga=GA1.1.1766386099.1715092384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:04 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=562
access-control-allow-origin: *
etag: W/"6639e6e3-232"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XzExy%2BymlhGJXzhanlEc5mxSXfY6525VqgBb%2BJcDbQQ4nSfW7WFMxWF6lb3hoQBNbUuXUPFhAaIsVGUbBBCNyLukBTduquivBSng8iOin2FMASKA%2B9nQgazSngmFVI5UAme0%2Bbqm%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 8801ec48bea65688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/assets/hl-4ae220c2.js | 104.21.19.111 | 200 OK | 779 B |
URL: GET HTTP/3 flaredownload.com/assets/hl-4ae220c2.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate: Issuer Google Trust Services LLC; Subject flaredownload.com; Fingerprint A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (821), with no line terminators
Hash: ac960bb4fafd7eae585cc2dd2977147c bea992f937a46aa237ca5f3c87c7f5edb3127f72 d01f6043abdbd61de10a397af1eb251e7125e1a3de229eb7afa6e198550e58cd
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-4ae220c2.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:04 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=780
access-control-allow-origin: *
etag: W/"6639e6e3-30c"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BQb4s08lsBvgpVYLWHyhu308UFypXNafe9T7Fbl%2B5q2H%2B4LdvWgV01OOfiFFoYjHVdkT%2FSdRAdwHXir%2BfckuosU4r8wEfENsUoxvSGYh0dQOcl%2B5EjvKpFNw1kzs7vvL01mw5n%2BTgA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 8801ec496fc15688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/assets/hl-e625189b.js | 104.21.19.111 | 200 OK | 3.2 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-e625189b.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate: Issuer Google Trust Services LLC; Subject flaredownload.com; Fingerprint A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: JavaScript source, ASCII text, with very long lines (3248), with no line terminators
Hash: 3760a138899b9cdc2ae817843b8b8c31 45befab9c698b30bbb5d71004f6914f3e4736ac1 69338ec34741d6ccbceee41cb706c4a4f9e3639f1a5919f5b31bc4ee94de4ce8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-e625189b.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-016c1a2d.js
Cookie: visitInfo::7748=88821c850a5a99f53d245763013658915247956bddbc8be3206c4ea20a5cb372a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%22748ee9596b9beec4ec2e88e1154a6bc2%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%2228e3e9ad%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22806859c9-35be-4a46-b77a-90a70d571b08%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:03 GMT
content-type: application/javascript
last-modified: Tue, 07 May 2024 08:31:31 GMT
etag: W/"6639e6e3-c5f"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f59C6NiRllFr0rCFl0sQEJlvl9a4%2F%2FRLx5CPZhFwtSlnFJUPtoMG2e2S288iT%2F4mH400pHP6LDHQqqZSpUNrT9Wa3KLblzv1JLC2kUWJ7dCWRCWCVis0%2BPxwokfBY1%2BpCMds8avLcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 8801ec44ee215688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/assets/hl-d3953248.js | 104.21.19.111 | 200 OK | 1.3 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-d3953248.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate: Issuer Google Trust Services LLC; Subject flaredownload.com; Fingerprint A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (1339), with no line terminators
Hash: 87a10432a707006822a96baf30ed8504 9523968708e793f21797ab98003b00c30d509471 b9b2ac01ba39905597c366e35775340ec383883a290d5ab9b1c7831ca1674b7e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-d3953248.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:03 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1264
access-control-allow-origin: *
etag: W/"6639e6e3-4f0"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=itQZ29yW7vzOT90LW0Vd%2FAsRH181uA0t4BS2U%2BEYpusU73iu0lQoaDzMSEaMJm6to9oLSdojqye7q7nVE42nOSOV3rCXVXPr3azsIUEMQF305fjNiKH4YGT33kRClY%2BmvVryqaPgWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 8801ec45e8525688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/assets/hl-d3953248.js | 104.21.19.111 | 200 OK | 1.3 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-d3953248.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate: Issuer Google Trust Services LLC; Subject flaredownload.com; Fingerprint A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (1339), with no line terminators
Hash: 87a10432a707006822a96baf30ed8504 9523968708e793f21797ab98003b00c30d509471 b9b2ac01ba39905597c366e35775340ec383883a290d5ab9b1c7831ca1674b7e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-d3953248.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-5d7a8293.js
Cookie: visitInfo::7748=88821c850a5a99f53d245763013658915247956bddbc8be3206c4ea20a5cb372a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%22748ee9596b9beec4ec2e88e1154a6bc2%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%2228e3e9ad%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22806859c9-35be-4a46-b77a-90a70d571b08%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:03 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1264
access-control-allow-origin: *
etag: W/"6639e6e3-4f0"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=itQZ29yW7vzOT90LW0Vd%2FAsRH181uA0t4BS2U%2BEYpusU73iu0lQoaDzMSEaMJm6to9oLSdojqye7q7nVE42nOSOV3rCXVXPr3azsIUEMQF305fjNiKH4YGT33kRClY%2BmvVryqaPgWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 8801ec47bc1d5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/assets/hl-9c710746.js | 104.21.19.111 | 200 OK | 1.9 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-9c710746.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate: Issuer Google Trust Services LLC; Subject flaredownload.com; Fingerprint A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (2045), with no line terminators
Hash: 4b9571a545798a4daa157024a8b1f507 fe41246162d5048a32d2fb0a80c977c570feebde 2c15a14c697a5965f8de01e15c4049554ec191cb17a734b9747d1d98f4157bf3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-9c710746.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:04 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1878
access-control-allow-origin: *
etag: W/"6639e6e3-756"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vDw7eK3Q6hWhKmINoj8MUuNf8NLWagdIMqpBc6s9xAsqYeVRm8Jgxr0PLAq9Iw00uoYa1gYfybi%2BVPxDHw52d%2BUBYZNd0uqtZ%2BfIRSxypY99nOUVHnpdqOanpxPvSiSui3kFIqsmwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 8801ec47ec7f5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/assets/hl-346b376b.js | 104.21.19.111 | 200 OK | 1.9 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-346b376b.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate: Issuer Google Trust Services LLC; Subject flaredownload.com; Fingerprint A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: JavaScript source, ASCII text, with very long lines (1960), with no line terminators
Hash: e7731485a49d3b18ab73c2efd5132cbb 983a86196a2657a6e6e730e55f4c771afa23c1c1 b62fedde63fd2481efaf838bec545e9ca1b4e97819ab30853a1b385f2c39586b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-346b376b.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-76eb7d98.js
Cookie: visitInfo::7748=88821c850a5a99f53d245763013658915247956bddbc8be3206c4ea20a5cb372a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%22748ee9596b9beec4ec2e88e1154a6bc2%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%2228e3e9ad%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22806859c9-35be-4a46-b77a-90a70d571b08%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715092384.1.0.1715092384.0.0.0; _ga=GA1.1.1766386099.1715092384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:04 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1923
access-control-allow-origin: *
etag: W/"6639e6e3-783"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H53PD%2BetlHbN03%2BZeMSVCJWIthXLCHYVGcfrtGDX6%2FZWd9mXwJliptEhMbjlLfEnuXRy5rcaQk%2B7tqmz9KmWwgjWs85e9JghkaclN1hm0IxI7WNos9UQGYl3mKUWBqrFr1v9jgB3GQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 8801ec4a299d5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/assets/hl-5d7a8293.js | 104.21.19.111 | 200 OK | 4.8 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-5d7a8293.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate: Issuer Google Trust Services LLC; Subject flaredownload.com; Fingerprint A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (5067), with no line terminators
Hash: 1f91ead58338d8a945d6363574cf7ef0 72fc0d85425809081d32bb99f6375eb7ec68a46c 7badd4d4a64f29c09db7085e4135631af43a37220857a5795e36b651739e6c09
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-5d7a8293.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:03 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=4794
access-control-allow-origin: *
etag: W/"6639e6e3-12ba"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gzkS168knr3sapuCvmTdyjBoHCx1DLfiNHVJ5ECgD3M08BiM18RR6dz0bZHiKd2QDbcuJUAAPRe9iZkp8kpLASzo5v%2FZMj2EfEQBIKYLAOBfuBVltGCr29mpD737fX2%2BvseFzRSY0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 8801ec44fe345688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/assets/hl-5d7a8293.js | 104.21.19.111 | 200 OK | 4.8 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-5d7a8293.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate: Issuer Google Trust Services LLC; Subject flaredownload.com; Fingerprint A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (5067), with no line terminators
Hash: 1f91ead58338d8a945d6363574cf7ef0 72fc0d85425809081d32bb99f6375eb7ec68a46c 7badd4d4a64f29c09db7085e4135631af43a37220857a5795e36b651739e6c09
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-5d7a8293.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-016c1a2d.js
Cookie: visitInfo::7748=88821c850a5a99f53d245763013658915247956bddbc8be3206c4ea20a5cb372a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%22748ee9596b9beec4ec2e88e1154a6bc2%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%2228e3e9ad%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22806859c9-35be-4a46-b77a-90a70d571b08%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:03 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=4794
access-control-allow-origin: *
etag: W/"6639e6e3-12ba"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gzkS168knr3sapuCvmTdyjBoHCx1DLfiNHVJ5ECgD3M08BiM18RR6dz0bZHiKd2QDbcuJUAAPRe9iZkp8kpLASzo5v%2FZMj2EfEQBIKYLAOBfuBVltGCr29mpD737fX2%2BvseFzRSY0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 8801ec450e6d5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/assets/hl-78f24724.css | 104.21.19.111 | 200 OK | 26 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-78f24724.css
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate: Issuer Google Trust Services LLC; Subject flaredownload.com; Fingerprint A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (26409), with no line terminators
Hash: f89cae638a8015aae1089a2222424d0c 2af82acafcc3e922b30bed5dd5516def3003b013 5043dc083072fc72e3ac45b97c961ee95ad1b6ad9d31f5d461dad48e63454371
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-78f24724.css HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Cookie: visitInfo::7748=88821c850a5a99f53d245763013658915247956bddbc8be3206c4ea20a5cb372a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%22748ee9596b9beec4ec2e88e1154a6bc2%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%2228e3e9ad%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22806859c9-35be-4a46-b77a-90a70d571b08%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:04 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=26547
access-control-allow-origin: *
etag: W/"6639e6e3-67b3"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eIg4GrE1LR9wMhZccZMjuSxj4LzKwjVBA7SHNygggoiIdi6lBPcSfAxH8on62WsJGNUpvYABKGIuaR0yQZr1GzMCNKi4AjEKmIb8qZ575MnEOut7t6s4pKRDalCfTlFswPkaV3RkQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 8801ec47dc5d5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/assets/hl-346b376b.js | 104.21.19.111 | 200 OK | 1.9 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-346b376b.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate: Issuer Google Trust Services LLC; Subject flaredownload.com; Fingerprint A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50; Validity Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: JavaScript source, ASCII text, with very long lines (1960), with no line terminators
Hash: e7731485a49d3b18ab73c2efd5132cbb 983a86196a2657a6e6e730e55f4c771afa23c1c1 b62fedde63fd2481efaf838bec545e9ca1b4e97819ab30853a1b385f2c39586b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-346b376b.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:04 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1923
access-control-allow-origin: *
etag: W/"6639e6e3-783"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H53PD%2BetlHbN03%2BZeMSVCJWIthXLCHYVGcfrtGDX6%2FZWd9mXwJliptEhMbjlLfEnuXRy5rcaQk%2B7tqmz9KmWwgjWs85e9JghkaclN1hm0IxI7WNos9UQGYl3mKUWBqrFr1v9jgB3GQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 8801ec496fd15688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| flaredownload.com/assets/hl-8ecdb346.js | 104.21.19.111 | 200 OK | 6.3 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-8ecdb346.js | IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource= | Certificate issuer: Google Trust Services LLC | Subject: flaredownload.com | Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50 | Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (6661), with no line terminators | Hash: 47c46646da7f220e939e22227ad81c52 943b29a57ab33348040254a84f677e9e7199f513 ea1e2a1bd2536c133f8c25c5d167fa60a5979e6875a2eeb163e1ef9a6443b7f1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-8ecdb346.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:04 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=6330
access-control-allow-origin: *
etag: W/"6639e6e3-18ba"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZhRGXZt%2FHUlLMNlnKTUOMdU1IVFI8sM%2BPzJbAuxRl4Z91lwvL%2F5wg5Ejc0OUySyXIiVog2%2BGnOm%2FYR2%2FbS%2F3OxB3esThUsX%2F6lm%2Fn4f36icuPzvCkguczHSP3tMenpG1powzdFX9bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 8801ec47fcb95688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| flaredownload.com/assets/hl-4f13edc9.js | 104.21.19.111 | 200 OK | 426 B |
URL: GET HTTP/3 flaredownload.com/assets/hl-4f13edc9.js | IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource= | Certificate issuer: Google Trust Services LLC | Subject: flaredownload.com | Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50 | Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (456), with no line terminators | Hash: 020a4180e14c31ebd748c5b02afaabf4 60d4904d7695cf40b7e4ee9508158ddb9e9c2add 92139ca312a5f90123e0a4c10c1b10d2514700b426c761f41dcc37253bd26ed5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-4f13edc9.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:04 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=427
access-control-allow-origin: *
etag: W/"6639e6e3-1ab"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bc1mFCahq7CKoPHBGp2pQ8yIzu7M9QW9m0gaW4stDd8%2FRAwqQ6vpEjYAN6Eu2X%2FaPI4uDokFRlNIWV6VyDJPXzFmPiNrNV6hm7A3VBPfZiKVr672hWCt%2FC%2B9Qr%2BxbDSJ%2BtQNPEjn6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 8801ec47fcbe5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| flaredownload.com/assets/hl-76eb7d98.js | 104.21.19.111 | 200 OK | 616 B |
URL: GET HTTP/3 flaredownload.com/assets/hl-76eb7d98.js | IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource= | Certificate issuer: Google Trust Services LLC | Subject: flaredownload.com | Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50 | Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (636), with no line terminators | Hash: 099fdbaaddc362dbfee0057dbff50e42 bb9ea6df527763127050ca50a6801810da55791d 55007d437735695935cee018f9583264b5652e527d3cd8ea83b96df0b07528a2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-76eb7d98.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-8ecdb346.js
Cookie: visitInfo::7748=88821c850a5a99f53d245763013658915247956bddbc8be3206c4ea20a5cb372a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%22748ee9596b9beec4ec2e88e1154a6bc2%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%2228e3e9ad%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22806859c9-35be-4a46-b77a-90a70d571b08%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715092384.1.0.1715092384.0.0.0; _ga=GA1.1.1766386099.1715092384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:04 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=617
access-control-allow-origin: *
etag: W/"6639e6e3-269"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=guHlivo94So9AArP1aKI2jddzbf935JNK63v4OutNxuXENMlIaKe5y3N8ODAweZ4%2Fkb5IKdj7Oy84ocMkrkJlu%2B%2BRb5EcccJ8HqOeZa%2BGCXrkMzOVt22EtWqK5v%2BBNsoS4Iml7nRsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 8801ec497fe75688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| flaredownload.com/prod/images/f4a32eb2e5f203dab4882f7b7581b06e.png | 104.21.19.111 | 200 OK | 9.2 kB |
URL: GET HTTP/3 flaredownload.com/prod/images/f4a32eb2e5f203dab4882f7b7581b06e.png | IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource= | Certificate issuer: Google Trust Services LLC | Subject: flaredownload.com | Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50 | Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced | Hash: f4a32eb2e5f203dab4882f7b7581b06e 8d51933205a3ed27c2c6bd0182142d6f8432d929 83ec91fc25549922aa0f873a3dc6a3e71f83d8b8cd75fb018475762be29a894e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /prod/images/f4a32eb2e5f203dab4882f7b7581b06e.png HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Cookie: visitInfo::7748=88821c850a5a99f53d245763013658915247956bddbc8be3206c4ea20a5cb372a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%22748ee9596b9beec4ec2e88e1154a6bc2%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%2228e3e9ad%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22806859c9-35be-4a46-b77a-90a70d571b08%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:04 GMT
content-type: image/png
content-length: 9232
last-modified: Tue, 03 Aug 2021 15:21:51 GMT
etag: "61095f0f-2410"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nkj8Yhzkz80mEqdX7JqkqkHtkIYRw%2F0JtoU106KLZttVyxnHwzIImp07LjV2WrQBzo%2FRQ1ei22AFHo5%2FvuM3gb4FCglWYPUFIjyayFOxkSeBeKyFm8Fj3nK%2B7mMwKDWlmbX03MtuUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 8801ec487df05688-OSL
alt-svc: h3=":443"; ma=86400
| flaredownload.com/assets/hl-8ecdb346.js | 104.21.19.111 | 200 OK | 6.3 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-8ecdb346.js | IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource= | Certificate issuer: Google Trust Services LLC | Subject: flaredownload.com | Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50 | Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (6661), with no line terminators | Hash: 47c46646da7f220e939e22227ad81c52 943b29a57ab33348040254a84f677e9e7199f513 ea1e2a1bd2536c133f8c25c5d167fa60a5979e6875a2eeb163e1ef9a6443b7f1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-8ecdb346.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-af68a598.js
Cookie: visitInfo::7748=88821c850a5a99f53d245763013658915247956bddbc8be3206c4ea20a5cb372a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%22748ee9596b9beec4ec2e88e1154a6bc2%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%2228e3e9ad%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22806859c9-35be-4a46-b77a-90a70d571b08%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715092384.1.0.1715092384.0.0.0; _ga=GA1.1.1766386099.1715092384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:04 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=6330
access-control-allow-origin: *
etag: W/"6639e6e3-18ba"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZhRGXZt%2FHUlLMNlnKTUOMdU1IVFI8sM%2BPzJbAuxRl4Z91lwvL%2F5wg5Ejc0OUySyXIiVog2%2BGnOm%2FYR2%2FbS%2F3OxB3esThUsX%2F6lm%2Fn4f36icuPzvCkguczHSP3tMenpG1powzdFX9bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 8801ec48ceb35688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| www.googletagmanager.com/gtag/js?id=G-CK9NSGSVJF&l=dataLayer&cx=c | 142.250.74.72 | 200 OK | 254 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-CK9NSGSVJF&l=dataLayer&cx=c | IP: 142.250.74.72:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource= | Certificate issuer: Google Trust Services LLC | Subject: *.google-analytics.com | Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE | Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (5955) | Size: 254 kB (254197 bytes) | Hash: 728bf005a054ea1dc79adf3f37160a89 0e46fc7bc2fc56493557db4d4014e939ee187c46 ffc86b1e9e56f69021ff8aab3a4311625590d7c8761c3d9fca503bc3c08c9e57
GET /gtag/js?id=G-CK9NSGSVJF&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 14:33:03 GMT
expires: Tue, 07 May 2024 14:33:03 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89819
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
| flaredownload.com/assets/hl-9c710746.js | 104.21.19.111 | 200 OK | 1.9 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-9c710746.js | IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource= | Certificate issuer: Google Trust Services LLC | Subject: flaredownload.com | Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50 | Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (2045), with no line terminators | Hash: 4b9571a545798a4daa157024a8b1f507 fe41246162d5048a32d2fb0a80c977c570feebde 2c15a14c697a5965f8de01e15c4049554ec191cb17a734b9747d1d98f4157bf3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-9c710746.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-af68a598.js
Cookie: visitInfo::7748=88821c850a5a99f53d245763013658915247956bddbc8be3206c4ea20a5cb372a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%22748ee9596b9beec4ec2e88e1154a6bc2%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%2228e3e9ad%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22806859c9-35be-4a46-b77a-90a70d571b08%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715092384.1.0.1715092384.0.0.0; _ga=GA1.1.1766386099.1715092384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:04 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1878
access-control-allow-origin: *
etag: W/"6639e6e3-756"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vDw7eK3Q6hWhKmINoj8MUuNf8NLWagdIMqpBc6s9xAsqYeVRm8Jgxr0PLAq9Iw00uoYa1gYfybi%2BVPxDHw52d%2BUBYZNd0uqtZ%2BfIRSxypY99nOUVHnpdqOanpxPvSiSui3kFIqsmwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 8801ec48bea05688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| flaredownload.com/lead/prefill | 104.21.19.111 | 200 OK | 64 B |
URL: POST HTTP/3 flaredownload.com/lead/prefill | IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource= | Certificate issuer: Google Trust Services LLC | Subject: flaredownload.com | Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50 | Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators | Hash: 0a00dc476383c35bcfbc0ea44c3a60ea 36ebdfa0bfa4aa0ec8f4d7417d2112bae7d406db 819bd596583bc3bc638b2fa8d87d80b16551a1d68abb86261795db848cc226d2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /lead/prefill HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
sentry-trace: 462fdf9c1b5f4322985261c3839c5494-a478af3006d7dc2d-0
baggage: sentry-environment=production,sentry-public_key=9056b383582c444792eb65c1726488d9,sentry-trace_id=462fdf9c1b5f4322985261c3839c5494,sentry-sample_rate=0.1,sentry-transaction=LandingHome,sentry-sampled=false
Content-Length: 56
Origin: https://flaredownload.com
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Cookie: visitInfo::7748=88821c850a5a99f53d245763013658915247956bddbc8be3206c4ea20a5cb372a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%22748ee9596b9beec4ec2e88e1154a6bc2%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%2228e3e9ad%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22806859c9-35be-4a46-b77a-90a70d571b08%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715092384.1.0.1715092384.0.0.0; _ga=GA1.1.1766386099.1715092384
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:04 GMT
content-type: application/json; charset=UTF-8
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zAp810mO6fYOkrtTYW1uLb75Hz%2FFjxKAqcusQdLXAjR3q%2FZZmmmb%2FZW8EtV%2F6ov1vUqmZNF9UW5GOKzm4SiijctTVC8N0X5T1e5ttkDBmbyXWlzn1GH5ziY7Q5cv2w88Ua6EtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8801ec495f9c5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| flaredownload.com/assets/hl-b93b9165.woff2 | 104.21.19.111 | 200 OK | 8.0 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-b93b9165.woff2 | IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource= | Certificate issuer: Google Trust Services LLC | Subject: flaredownload.com | Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50 | Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7988, version 1.0 | Hash: 087457026965f98466618a478c4b1b07 00b024ccb35e3694de662d180d6ea7f56de6d654 b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-b93b9165.woff2 HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-78f24724.css
Cookie: visitInfo::7748=88821c850a5a99f53d245763013658915247956bddbc8be3206c4ea20a5cb372a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%22748ee9596b9beec4ec2e88e1154a6bc2%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%2228e3e9ad%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22806859c9-35be-4a46-b77a-90a70d571b08%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715092384.1.0.1715092384.0.0.0; _ga=GA1.1.1766386099.1715092384
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:04 GMT
content-type: application/octet-stream
content-length: 7988
last-modified: Tue, 07 May 2024 08:31:30 GMT
etag: "6639e6e2-1f34"
access-control-allow-origin: *
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eWtvjCHvIpNNYi6rsQMPdkbYUTTFOmxwAhZpQvH2TtPwb4%2Fx9Hpntp8XdtL2KCpsVjT00N6kWLGclggkabs%2FOiklH6daFHDBzQELem%2BCbyH1xIinKaqLWgCUsjuOVT5yhxtfB8zGjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 8801ec4988085688-OSL
alt-svc: h3=":443"; ma=86400
| flaredownload.com/assets/hl-d98910d4.css | 104.21.19.111 | 200 OK | 78 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-d98910d4.css | IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource= | Certificate issuer: Google Trust Services LLC | Subject: flaredownload.com | Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50 | Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (65329) | Hash: a1713c7a8fb53e78bbd5a1c76068791d c15ca4f1e62bde996f9c72fb4a3e3f584b966741 cd7e4b31039bf939306ab3d38291f59e92069a24744e4b359b557aba0eb5b219
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-d98910d4.css HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Cookie: visitInfo::7748=88821c850a5a99f53d245763013658915247956bddbc8be3206c4ea20a5cb372a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%22748ee9596b9beec4ec2e88e1154a6bc2%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%2228e3e9ad%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22806859c9-35be-4a46-b77a-90a70d571b08%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:03 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=77791
access-control-allow-origin: *
etag: W/"6639e6e2-12fdf"
last-modified: Tue, 07 May 2024 08:31:30 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RBl2qGLnweKxzzWH2%2F%2BajZG2LAQIvdM9fsjiFRfMNEALKpj6NXkXh6rxX45wZ8vRw5cyv5RaN4UFosYxWg3hBFVCP8ejNzkMu4c%2BAa0VCB9uYARIaDI1z%2FA5O2yGf0w5ocNmHeKAsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 8801ec45e83e5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| flaredownload.com/assets/hl-76eb7d98.js | 104.21.19.111 | 200 OK | 616 B |
URL: GET HTTP/3 flaredownload.com/assets/hl-76eb7d98.js | IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource= | Certificate issuer: Google Trust Services LLC | Subject: flaredownload.com | Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50 | Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (636), with no line terminators | Hash: 099fdbaaddc362dbfee0057dbff50e42 bb9ea6df527763127050ca50a6801810da55791d 55007d437735695935cee018f9583264b5652e527d3cd8ea83b96df0b07528a2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-76eb7d98.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:04 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=617
access-control-allow-origin: *
etag: W/"6639e6e3-269"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=guHlivo94So9AArP1aKI2jddzbf935JNK63v4OutNxuXENMlIaKe5y3N8ODAweZ4%2Fkb5IKdj7Oy84ocMkrkJlu%2B%2BRb5EcccJ8HqOeZa%2BGCXrkMzOVt22EtWqK5v%2BBNsoS4Iml7nRsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 8801ec496fcd5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| flaredownload.com/assets/hl-4ae220c2.js | 104.21.19.111 | 200 OK | 779 B |
URL: GET HTTP/3 flaredownload.com/assets/hl-4ae220c2.js | IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource= | Certificate issuer: Google Trust Services LLC | Subject: flaredownload.com | Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50 | Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (821), with no line terminators | Hash: ac960bb4fafd7eae585cc2dd2977147c bea992f937a46aa237ca5f3c87c7f5edb3127f72 d01f6043abdbd61de10a397af1eb251e7125e1a3de229eb7afa6e198550e58cd
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-4ae220c2.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-8ecdb346.js
Cookie: visitInfo::7748=88821c850a5a99f53d245763013658915247956bddbc8be3206c4ea20a5cb372a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%22748ee9596b9beec4ec2e88e1154a6bc2%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%2228e3e9ad%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22806859c9-35be-4a46-b77a-90a70d571b08%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715092384.1.0.1715092384.0.0.0; _ga=GA1.1.1766386099.1715092384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:04 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=780
access-control-allow-origin: *
etag: W/"6639e6e3-30c"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BQb4s08lsBvgpVYLWHyhu308UFypXNafe9T7Fbl%2B5q2H%2B4LdvWgV01OOfiFFoYjHVdkT%2FSdRAdwHXir%2BfckuosU4r8wEfENsUoxvSGYh0dQOcl%2B5EjvKpFNw1kzs7vvL01mw5n%2BTgA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 8801ec497fe55688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| flaredownload.com/favicon.ico | 104.21.19.111 | 200 OK | 4.3 kB |
URL: GET HTTP/3 flaredownload.com/favicon.ico | IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource= | Certificate issuer: Google Trust Services LLC | Subject: flaredownload.com | Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50 | Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel | Hash: 1ba2ae710d927f13d483fd5d1e548c9b c0605efed936ee2600284e6480521d06fa64f872 db74ab0b78338c1f778f8398c45f4103c99aea0e845a3118a7750b4eeafd3445
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:03 GMT
content-type: image/x-icon
last-modified: Wed, 13 Sep 2023 08:04:59 GMT
etag: W/"65016d2b-10be"
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m461aDSUmb6GnAAadMOGC%2Bgz4d4Zy4ANBTc%2FOmqGQz3hHmaMIJENrveO8WUt7x5QRF1BiqYpiO81wdZpW5Q5iYG%2Fn66kz4q9NWvYY7zdFxfBhmZuvZr6FzC%2FWcb%2BwSVOn%2BOP8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8801ec442bfd5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=UA-195162716-6 | 142.250.74.72 | 200 OK | 208 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-195162716-6
IP: 142.250.74.72:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google-analytics.com
Certificate Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
Certificate Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4179)
Size: 208 kB (207556 bytes)
Hash: a9aaa5a50b75f501effa7219f1d70e72 147fbd92e1f9a7a5122cd308f786bc8b953f5a69 91d0c03ca1653ca97de7f3b438eafe7c09e4cc435fd1d58dcdfbb94187600a97
GET /gtag/js?id=UA-195162716-6 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 14:33:03 GMT
expires: Tue, 07 May 2024 14:33:03 GMT
cache-control: private, max-age=900
last-modified: Tue, 07 May 2024 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74730
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource= | 104.21.19.111 | 200 OK | 417 B |
URL: User Request GET HTTP/2 flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
IP: 104.21.19.111:443
Certificate Issuer: Google Trust Services LLC
Certificate Subject: flaredownload.com
Certificate Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
Certificate Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: HTML document, ASCII text, with very long lines (456), with no line terminators
Hash: 410302fa487435a3db87897f5356abfe f6b04de92db590c9da3bc6749478922756a8ac17 692c11e825f6a0da97fcb720e4ec710592281e9903a31c47f22350811b87d1f1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource= HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 14:33:02 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RYCWDDWAJ8IlDsKAKVJguf%2Bj%2FMpzlljXrb6ocKFpZLTCgYOvqXL0IPfhhl50dzvgS0aUbQxuyyf06kzZ5MVqdg0y7TbUAVOo%2FCjz0QSKlS6Z7DmxKgYkktrtnnVpQzZr%2FrT1NA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8801ec3f9a9956b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| flaredownload.com/assets/hl-1d9299f0.js | 104.21.19.111 | 200 OK | 1.3 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-1d9299f0.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate Issuer: Google Trust Services LLC
Certificate Subject: flaredownload.com
Certificate Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
Certificate Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (1322), with no line terminators
Hash: ca1c645e594fe9e742a2b7fd6fac2b6e 3424989afea5f14cb0f1aa40ac774f5b66194b0f e42a05056766117282c5b2141bea982971f6eb358a8212231e19cf66bd53d278
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-1d9299f0.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:03 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1286
access-control-allow-origin: *
etag: W/"6639e6e3-506"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3YiGo4%2BPXXdBak%2F82L4Ava%2FgWa9Lj4Wf4T%2BCJeRPYaAC4%2F6AomJaM2j7Gnu1bbSTBO1XKchq17fACCIDPJ9qfptf12h81Zq5ccShLmdmwllY9xapaL042mWg6Y7uRGIm6gweSDyXaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 8801ec450e555688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/assets/hl-4f13edc9.js | 104.21.19.111 | 200 OK | 426 B |
URL: GET HTTP/3 flaredownload.com/assets/hl-4f13edc9.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate Issuer: Google Trust Services LLC
Certificate Subject: flaredownload.com
Certificate Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
Certificate Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (456), with no line terminators
Hash: 020a4180e14c31ebd748c5b02afaabf4 60d4904d7695cf40b7e4ee9508158ddb9e9c2add 92139ca312a5f90123e0a4c10c1b10d2514700b426c761f41dcc37253bd26ed5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-4f13edc9.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-af68a598.js
Cookie: visitInfo::7748=88821c850a5a99f53d245763013658915247956bddbc8be3206c4ea20a5cb372a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%22748ee9596b9beec4ec2e88e1154a6bc2%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%2228e3e9ad%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22806859c9-35be-4a46-b77a-90a70d571b08%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715092384.1.0.1715092384.0.0.0; _ga=GA1.1.1766386099.1715092384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:04 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=427
access-control-allow-origin: *
etag: W/"6639e6e3-1ab"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bc1mFCahq7CKoPHBGp2pQ8yIzu7M9QW9m0gaW4stDd8%2FRAwqQ6vpEjYAN6Eu2X%2FaPI4uDokFRlNIWV6VyDJPXzFmPiNrNV6hm7A3VBPfZiKVr672hWCt%2FC%2B9Qr%2BxbDSJ%2BtQNPEjn6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 8801ec48ceb45688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/assets/hl-df7628f8.js | 104.21.19.111 | 200 OK | 2.8 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-df7628f8.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate Issuer: Google Trust Services LLC
Certificate Subject: flaredownload.com
Certificate Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
Certificate Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: JavaScript source, ASCII text, with very long lines (2919), with no line terminators
Hash: ebb150f7628084b5a2b845ff6b722fef fc20037e7e252745866f61086814d61f0ed9632e 367a6126740f6beafac00eb851605cf8a2953549845c46fc892020a4e1c36375
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-df7628f8.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:04 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=2842
access-control-allow-origin: *
etag: W/"6639e6e3-b1a"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=loLlazX0z8RVGM7PXzE%2FVVfcLfb4zw0f%2BU3g%2BTT3A3ni5utV90aRa0oBnCcNeygpd455e8WZvdf%2BPN6qq8y9yMf3OB9KaiyK8NaLv94Wc1huiWYn53DwCobz5Hd7joUOODj3s81tCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 8801ec496fb55688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/assets/hl-df7628f8.js | 104.21.19.111 | 200 OK | 2.8 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-df7628f8.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate Issuer: Google Trust Services LLC
Certificate Subject: flaredownload.com
Certificate Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
Certificate Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: JavaScript source, ASCII text, with very long lines (2919), with no line terminators
Hash: ebb150f7628084b5a2b845ff6b722fef fc20037e7e252745866f61086814d61f0ed9632e 367a6126740f6beafac00eb851605cf8a2953549845c46fc892020a4e1c36375
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-df7628f8.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-8ecdb346.js
Cookie: visitInfo::7748=88821c850a5a99f53d245763013658915247956bddbc8be3206c4ea20a5cb372a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%22748ee9596b9beec4ec2e88e1154a6bc2%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%2228e3e9ad%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22806859c9-35be-4a46-b77a-90a70d571b08%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D; _ga_CK9NSGSVJF=GS1.1.1715092384.1.0.1715092384.0.0.0; _ga=GA1.1.1766386099.1715092384
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:04 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=2842
access-control-allow-origin: *
etag: W/"6639e6e3-b1a"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=loLlazX0z8RVGM7PXzE%2FVVfcLfb4zw0f%2BU3g%2BTT3A3ni5utV90aRa0oBnCcNeygpd455e8WZvdf%2BPN6qq8y9yMf3OB9KaiyK8NaLv94Wc1huiWYn53DwCobz5Hd7joUOODj3s81tCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
server: cloudflare
cf-ray: 8801ec497fda5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| flaredownload.com/assets/hl-1d9299f0.js | 104.21.19.111 | 200 OK | 1.3 kB |
URL: GET HTTP/3 flaredownload.com/assets/hl-1d9299f0.js
IP: 104.21.19.111:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate Issuer: Google Trust Services LLC
Certificate Subject: flaredownload.com
Certificate Fingerprint: A7:68:A0:75:94:62:A1:45:DE:7D:F0:07:04:B4:D1:B8:96:E1:C2:50
Certificate Validity: Mon, 18 Mar 2024 15:26:29 GMT - Sun, 16 Jun 2024 15:26:28 GMT
File type: ASCII text, with very long lines (1322), with no line terminators
Hash: ca1c645e594fe9e742a2b7fd6fac2b6e 3424989afea5f14cb0f1aa40ac774f5b66194b0f e42a05056766117282c5b2141bea982971f6eb358a8212231e19cf66bd53d278
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /assets/hl-1d9299f0.js HTTP/1.1
Host: flaredownload.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/assets/hl-016c1a2d.js
Cookie: visitInfo::7748=88821c850a5a99f53d245763013658915247956bddbc8be3206c4ea20a5cb372a%3A2%3A%7Bi%3A0%3Bs%3A15%3A%22visitInfo%3A%3A7748%22%3Bi%3A1%3Ba%3A5%3A%7Bs%3A8%3A%22cookieId%22%3Bs%3A32%3A%22748ee9596b9beec4ec2e88e1154a6bc2%22%3Bs%3A7%3A%22network%22%3Bs%3A6%3A%22200347%22%3Bs%3A9%3A%22publisher%22%3Bs%3A8%3A%2228e3e9ad%22%3Bs%3A10%3A%22externalId%22%3Bs%3A36%3A%22806859c9-35be-4a46-b77a-90a70d571b08%22%3Bs%3A7%3A%22isNewTr%22%3Bb%3A1%3B%7D%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 14:33:03 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1286
access-control-allow-origin: *
etag: W/"6639e6e3-506"
last-modified: Tue, 07 May 2024 08:31:31 GMT
cache-control: max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3YiGo4%2BPXXdBak%2F82L4Ava%2FgWa9Lj4Wf4T%2BCJeRPYaAC4%2F6AomJaM2j7Gnu1bbSTBO1XKchq17fACCIDPJ9qfptf12h81Zq5ccShLmdmwllY9xapaL042mWg6Y7uRGIm6gweSDyXaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 8801ec450e6f5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,500,700 | 142.250.74.106 | 200 OK | 8.7 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700
IP: 142.250.74.106:443
Requested by: https://flaredownload.com/en_us/unlock-content-now-1?&subid=806859c9-35be-4a46-b77a-90a70d571b08&networkid=200347&publisher=28e3e9ad&isNewTr=1&stream=&email=&subsource=&subsource=
Certificate Issuer: Google Trust Services LLC
Certificate Subject: upload.video.google.com
Certificate Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
Certificate Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (8956), with no line terminators
Hash: 91804c0df51e58b0bf469561e1ac2732 cc5a9023e310b49ef8f8ae32bb89ea774fe116ec 8a8aed46bfb9cdec8e34e76343b7e66796cf09926aef42efdfe5fa8a1fdda8aa
GET /css?family=Roboto:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://flaredownload.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 May 2024 14:33:03 GMT
date: Tue, 07 May 2024 14:33:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|